A data processing system, method and program are disclosed, for managing a public key cryptographic system. The method includes the steps of generating a first public key and a first private key as a first pair in the data processing system, for use with a first public key algorithm and further generating a second public key and a second private key as a second pair in the data processing system, for use with a second public key algorithm. The method then continues by assigning a private control vector for the first private key and the second private key in the data processing system, for defining permitted uses for the first and second private keys. Then the method continues by forming a private key record which includes the first private key and the second private key in the data processing system, and encrypting the private key record under a first master key expression which is a function of the private control vector. The method then forms a private key token which includes the private control vector and the private key record, and stores the private key token in the data processing system.

At a later time, the method receives a first key use request in the data processing system, requiring the first public key algorithm. In response to this, the method continues by accessing the private key token in the data processing system and checking the private control vector to determine if the private key record contains a key having permitted uses which will satisfy the first request. The method then decrypts the private key record under the first master key expression in the data processing system and extracts the first private key from the private key record. The method selects the first public key algorithm in the data processing system for the first key use request and executes the first public key algorithm in the data processing system using the first private key to perform a cryptographic operation to satisfy the first key use request.
BACKGROUND OF THE INVENTION

The invention disclosed broadly relates to data processing systems and methods and more particularly relates to cryptographic systems and methods for use in data processing systems to enhance security.

The following co-pending patent applications are related to this invention and are incorporated herein by reference:

B. Brachtl, et al., "Controlled Use of Cryptographic Keys Via Generating Stations Established Control Values," USP 4,850,017, issued July 18, 1989, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Management of Keys Using Control Vectors," USP 4,941,176, issued July 10, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Data Cryptography Operations Using Control Vectors," USP 4,918,728, issued April 17, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Personal Identification Number Processing Using Control Vectors," USP 4,924,514, issued May 8, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Management of Keys Using Extended Control Vectors," USP 4,924,515, issued May 8, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Management of Keys Using Control Vectors with Multi-Path Checking," US serial number 07/596,637, filed October 12, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Cryptographic Operations Using Alternate Modes of Control Vector Enforcement," US serial number 07/574,012, filed August 22, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Key Management Using Programmable Control Vector Checking," USP 5,007,089, issued April 9, 1991, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Secure Key Management Using Control Vector Translation," USP 4,993,069, issued Feb. 12, 1991, assigned to IBM Corporation and incorporated herein by reference.

B. Brachtl, et al., "Data Authentication Using Modification Detection Codes Based on a Public One Way Encryption Function," USP 4,908,861, issued March 13, 1990, assigned to IBM Corporation and incorporated herein by reference.

D. Abraham, et al., "Smart Card Having External Programming Capability and Method of Making Same," US serial number 004,501, filed January 19, 1987, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, "Technique for Reducing RSA Crypto Variable Storage," USP 4,736,423, issued Apr. 5, 1988, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "Method and Apparatus for Controlling the Use of a Public Key, Based on the Level of Import Integrity for the Key," US serial number 07/602,989, filed October 24, 1990, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas, et al., "A Hybrid Public Key Algorithm/Data Encryption Algorithm Key Distribution Method Based on Control Vectors," US serial number 07/748,407, filed August 22, 1991, assigned to IBM Corporation and incorporated herein by reference.

S. M. Matyas et al., "Generating Public and Private Key Pairs Using a Passphrase," filed on the same day as the instant application, US serial number 07/766,533, filed September 27, 1991, assigned to IBM Corporation and incorporated herein by reference.

The cryptographic architecture described in the cited patents by S. M. Matyas, et al. is based on associating with a cryptographic key, a control vector which provides the authorization for the uses of the key intended by the originator of the key. The cryptographic architecture described in the cited patents by S. M. Matyas, et al. is based on the Data Encryption Algorithm (DEA), see American National Standard X3.92-1981, Data Encryption Algorithm, American National Standards Institute, New York (December 31, 1981), whereas the present invention is based on both a secret key algorithm, such as the DEA, and a public key algorithm. Various key management functions, data cryptography functions, and other data processing functions are possible using control vectors, in accordance with the invention. A system administrator can exercise flexibility in the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. A cryptographic facility (CF) in the cryptographic architecture is described in the above cited patents by S. M. Matyas, et al. The CF is an instruction processor for a set of cryptographic instructions, implementing encryption methods and key generation methods. A memory in the cryptographic facility stores a set of internal cryptographic variables. Each cryptographic instruction is described in terms of a sequence of processing steps required to transform a
with corresponding input and output parameters.

Public key encryption algorithms are described in a paper by W. Diffie and M. E. Hellman entitled "Privacy and Authentication: An Introduction to Cryptography," Proceedings of the IEEE, Volume 67, No. 3, March 1979, pp. 397-427. Public key systems dispense with the secret key distribution channel, as long as the channel over which the public keys are distributed has sufficient integrity. Public key algorithm systems are designed so that it is easy to generate a random pair of inverse keys, PU for enciphering and PR for deciphering, and it is easy to operate with PU and PR, but computationally infeasible to compute PR from PU. Each user generates a pair of inverse transforms, PU and PR. He keeps the deciphering transformation PR secret, and makes the enciphering transformation PU public by placing it in a public directory. Anyone can now encrypt messages and send them to the user, but only he can decipher them with PR. It is possible, and often desirable, to encipher with PR and decipher with PU. For this reason, PU is usually called a public key and PR a private key. A corollary feature of public key cryptographic systems is the provision of a digital signature which uniquely identifies the sender of a message. If user A wishes to send a signed message M to user B, he operates on it with his private key PR to produce the signed message S. PR was used as A's deciphering key when privacy was desired, but it is now used as his "enciphering" key. When user B receives the signed message S, he can recover the message M by operating on the ciphertext S with A's public PU. By successfully decrypting A's message, the receiver B has conclusive proof it came from the sender A. Examples of public key cryptography are provided in the following US patents: USP 4,200,770 to Hellman et al., "Cryptographic Apparatus and Method;" USP 4,218,582 to Hellman et al., "Public Key Cryptographic Apparatus and Method;" and USP 4,405,829 to Rivest et al., "Cryptographic Communications System and Method."

Most cryptographic systems use keys of one type to protect keys of another type. A key is assigned a type on the basis of its use (e.g., a key used only within a communications session). The key hierarchies of USP 4,850,017, 4,941,176, 4,918,728, 4,924,514, which are based on a symmetric key algorithm such as the Data Encryption Algorithm (DEA), make use of a key hierarchy in which keys stored outside the cryptographic device are encrypted with a single master key and stored in a cryptographic key data set; the master key itself is stored in clear form within the cryptographic hardware. The concept of using a single master key to encrypt keys stored outside the cryptographic hardware is known as the master key concept (see Meyer and Matyas, Cryptography: A New Dimension in Computer Data Security, John Wiley & Sons, 1982). Heretofore, the master key concept has been applied only to cryptographic systems based on a symmetric key cryptographic algorithm. However, the present invention extends the master key concept and shows how it may be applied to cryptographic systems based on an asymmetric key cryptographic algorithm, and particularly how it may be applied to cryptographic systems incorporating both symmetric and asymmetric cryptographic algorithms, generally called hybrid cryptographic systems. The reader will appreciate that in a public key based cryptographic system, the private keys must be kept secret just as symmetric keys are. Hence, at a minimum, the private keys must be protected when they are stored outside the cryptographic hardware.

In order for a cryptographic system employing the master key concept to be made operable, each device must first be initialized with a master key and with the keys needed to enable the cryptographic system to communicate cryptographically with other cryptographic systems or to distribute keys to other cryptographic systems. Typically, these keys are generated and installed using manual entry techniques. In a well-designed cryptographic system, all other keys are generated by the cryptographic system automatically. Keys generated by the cryptographic system are stored in encrypted form in a cryptographic key data set or transmitted in encrypted form to another (receiving) device, where the key is imported (i.e., reencrypted to a form usable by that device). Thus, an important feature of any key management scheme is the method used to encrypt keys for safe storage in a cryptographic key data set or for transmission to another device.
At the time a key is generated, the user or user application determines, from among the range of options permitted by the key management, the form of each generated key. For example, a generated key can be produced (1) in clear form, (2) in encrypted form suitable for storage in a cryptographic key data set, or (3) in encrypted form suitable for distribution to a designated receiving device. Generally, cryptographic systems have different options for generating keys in these different forms. Also, at the time a key is generated, the user or user application determines, from among the range of options permitted by the key management, the type and usage of each generated key. Type and usage information are examples of a class of key-related information called control information. For example, in US Patents 4,850,017, 4,941,176, 4,918,728, 4,924,514, 4,924,515, and 5,007,089, and IBM dockets MA9-88-033 (EP application no. 90105905.5) and BT9-90-018 (EP application no. 91109953.9) the control information is embodied within a data variable called the control vector. The control vector concepts taught in these US Patents and IBM dockets are summarized in a paper by S. M. Matyas entitled "Key handling with control vectors," IBM Systems Journal, Volume 30, No. 2, 1991, pp. 151-174.

In a cryptographic system employing control vectors, every key K has an associated control vector C. Thus, K and C denote a 2-tuple, where K initializes the cryptographic algorithm by selecting an enciphering transformation and C initializes the cryptographic hardware by selecting a set of cryptographic instructions, modes, and usage that K is granted. Implementation of the control vector concept requires that K and C be coupled cryptographically. Otherwise, the key-usage attributes granted to K by C could be changed by merely replacing C with another control vector. The method for accomplishing this is based on integrating C into the functions used to encrypt and decrypt keys, called control vector encryption (CVE) and control vector decryption (CVD). Fig. 1 is a block diagram illustration showing the implementation of the CVE and CVD algorithms within a cryptographic facility 30. CF 30 contains a CVE algorithm 1, a CVD algorithm 2, a master key (KM) 3, a to-be-encrypted key K 4, and a recovered key K 5. The CVE algorithm 1 encrypts a clear key K 4 within CF 30 using a variant key KM + C formed as the Exclusive OR product of master key KM 3 stored within CF 30 and control vector C 6 specified as an input to CF 30 to produce an output encrypted key value of the form e*KM + C(K) 7. Note that '+' denotes the Exclusive OR operation and e* denotes encryption with a 128-bit key. The operation of encryption consists of encrypting K with the leftmost 64 bits of KM + C, then decrypting the result with the rightmost 64 bits of KM + C, and then encrypting that result with the leftmost 64 bits of KM + C. The CVD algorithm 2 decrypts the encrypted key e*KM + C(K) 9 specified as an input to CF 30 with the variant key KM + C formed as the Exclusive-OR product of master key KM 3 stored within CF 30 and control vector C 8 specified as an input to CF 30 to produce an output clear key K 5. The operation of decryption consists of decrypting e*KM + C(K) with the leftmost 64 bits of KM + C, then encrypting the result with the rightmost 64 bits of KM + C, and then decrypting that result with the leftmost 64 bits of KM + C. The CVE algorithm is used to encrypt and protect keys stored outside the CF. The CVD algorithm is used to decrypt and recover keys to be processed within the CF.

Fig. 2 is a block diagram illustration of the control vector encryption (CVE) algorithm. Referring to Fig. 2, C is an input control vector whose length is a multiple of 64 bits; KK is a 128-bit key-encrypting key consisting of a leftmost 64-bit part KKL and a rightmost 64-bit part KKR, i.e., KK = (KKL,KKR); K is a 64-bit key or the leftmost or rightmost 64-bit part of a 128-bit key to be encrypted. The specification of KK is meant to be very general. For example, KK can be the master key KM, or some other key-encrypting key. The inputs are processed as follows. Control vector C is operated on by hashing algorithm ha, described below, to produce the 128-bit output hash vector H. H is Exclusive-ORed with KK to produce 128-bit output KK + H. Finally, K is encrypted with KK + H to produce output e*KK + H(K), where e* indicates encryption with 128-bit key KK + H using an encryption-decryption-encryption (e-d-e) algorithm as defined in ANSI Standard X9.17-1985 entitled "American National Standard for Financial Institution Key Management (Wholesale)", 1985, and in ISO Standard 8732 entitled "Banking-Key Management (Wholesale)", 1988.

Fig. 3 is a block diagram illustration of the control vector decryption (CVD) algorithm. Referring to Fig. 3, C is an input control vector whose length is a multiple of 64 bits; KK is a 128-bit key-encrypting key consisting of a leftmost 64-bit part KKL and a rightmost 64-bit part KKR, i.e., KK = (KKL,KKR); e*KK + H(K) is the encrypted key to be decrypted. Control vector C is operated on by hashing algorithm ha, described below, to produce the 128-bit output hash vector H. H is Exclusive-ORed with KK to produce 128-bit output KK + H. Finally, e*KK + H(K) is decrypted with KK + H using a decryption-encryption-decryption (d-e-d) algorithm to produce output K. The d-e-d algorithm is just the inverse of the e-d-e algorithm.

Fig. 4 is a block diagram illustration of hashing algorithm ha. Hashing algorithm ha operates on input control vector C (whose length is a multiple of 64 bits) to produce a 128-bit output H, where H = ha(C). If C is 64 bits, ha(C) is set equal to (C,C), where the comma denotes concatenation, and the extension field (bits 45,46) in ha(C) is set equal to B'00'. That is, ha acts like a concatenation function. If C is 128 bits, ha(C) is
set equal to C and the extension field in ha(C) is set equal to B'01'. That is, ha acts like an identity function. If C is greater than 128 bits, ha(C) is a 128-bit modification detection code calculated on C by the MDC algorithm described in Fig. 5. That is, ha acts as a cryptographic function of C.

CVE and CVD denote the control vector encryption and control vector decryption algorithms, respectively. A control vector may have many subfields, but a cryptographic instruction may only concern itself with the few subfields that are important to it, which speeds up control vector checking. An important characteristic of the architecture is that the correct non-secret control vector accompanies the key wherever it goes, so that wherever the key is used the control vector is available and can be used to recover the correct secret key value within the cryptographic hardware. Application programs, cryptographic software, and cryptographic hardware are implemented within the cryptographic system such that the CVE and CVD algorithms are transparent to the system, and all clear key values recovered by the CVD algorithm are never output from the cryptographic hardware. When the cryptographic algorithm is a symmetric algorithm such as the DEA, there is a single key K, and the variant KM + C is itself a valid DEA key for any control vector C, because DEA keys are dense in the set of all binary
numbers of their magnitude. When the cryptographic algorithm is an asymmetric algorithm such as the RSA algorithm, there are two keys PU and PR. In general, if (PU,PR) is a valid key pair, then (PU + C,PR + C) is not a valid key pair for an arbitrary value C. This is because the PU and PR key values meet certain mathematical constraints and are sparse in the set of all binary numbers of their magnitude. Thus, an alternate method for coupling C to PU and PR is needed. Moreover, encrypting one key with another can sometimes be cumbersome, e.g., when the RSA algorithm is employed it is cumbersome to encrypt a key of one modulus value with a key of another modulus value if the value of the first modulus is greater than the value of the second modulus. This cumbersome situation must be dealt with in the underlying design so that a general methodology is achieved. The present invention will show how this is accomplished. In hybrid cryptographic systems where both a symmetric and asymmetric algorithm are implemented, the public and private keys belonging to the asymmetric algorithm can be encrypted with keys belonging to the symmetric key algorithm. In that case, the method for coupling a key and control vector can be similar to that described in the prior art. However, even here there are subtle differences that affect the design choice. For example, the public and private keys belonging to the asymmetric key algorithm are typically longer than the keys belonging to the symmetric key algorithm. Also, the possibility that the public and private keys will be of different and varying lengths must be addressed. 512-bit RSA keys are not uncommon, whereas a DEA master key is generally 128 bits. Thus, the CVE and CVD algorithms must be adjusted to permit long asymmetric keys to be encrypted with shorter (e.g., 128-bit) symmetric keys. Another difference is that, in theory, the public keys need not be encrypted when stored in a cryptographic key data set. However, there are advantages to handling both the public and private keys similarly. As examples, the same method for coupling the control vector and the private key can be used to couple the control vector and the public key, and the same method of authenticating the key value can be used. Also, handling the public and private keys in the same way means that all keys are handled and processed just one way, which reduces the complexity of the key management design. That is, as the private key must be encrypted to ensure that its value does not become known, the public key may also be encrypted to simplify the internal key management design, as then the key (whether public or private) will always be decrypted before being processed further.
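As an added worked example (not code from the patent or from IBM), the CVE and CVD algorithms of Figs. 1 to 4 in Go, applied to a private key token of the kind described in the abstract: a 64-bit private control vector kept in clear, and a private key record holding two private key fields encrypted under the 128-bit DEA master key coupled with ha(CV) by Exclusive OR and e-d-e TripleDES. The usage bit layout, the 24-byte stand-in key fields, the CBC chaining used for a record longer than one 64-bit block, and every key value are constructed assumptions of this example, not something the patent specifies.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"errors"
	"fmt"
)

// ha is Fig. 4 for a 64-bit control vector: H = (C,C) with the extension field
// (bits 45,46, numbered from 0 at the leftmost bit) set to B'00'. The 128-bit
// and MDC cases for longer control vectors are not modelled here.
func ha(c []byte) []byte {
	h := append(append([]byte{}, c...), c...)
	h[5] &^= 0x06 // bits 45 and 46 are the 0x04 and 0x02 positions of byte 5
	return h
}

// variant returns the e-d-e cipher keyed with KK + H (Exclusive OR). TripleDES
// keyed (KL,KR,KL) encrypts under KL, decrypts under KR and encrypts under KL
// again, which is the e* operation of Figs. 1 and 2.
func variant(kk, c []byte) (cipher.Block, error) {
	if len(kk) != 16 || len(c) != 8 {
		return nil, errors.New("KK must be 128 bits and C 64 bits")
	}
	v, h := make([]byte, 16), ha(c)
	for i := range v {
		v[i] = kk[i] ^ h[i]
	}
	return des.NewTripleDESCipher(append(append([]byte{}, v...), v[:8]...))
}

// cvCrypt applies e* (or its d-e-d inverse) under KK + ha(C). A single 64-bit
// block is exactly Figs. 2 and 3; longer records are chained in CBC mode with a
// zero IV, an assumption of this example (the text above does not fix the mode).
func cvCrypt(kk, c, in []byte, decrypt bool) ([]byte, error) {
	blk, err := variant(kk, c)
	if err != nil {
		return nil, err
	}
	if len(in) == 0 || len(in)%8 != 0 {
		return nil, errors.New("input must be a non-empty multiple of 64 bits")
	}
	mode := cipher.NewCBCEncrypter(blk, make([]byte, 8))
	if decrypt {
		mode = cipher.NewCBCDecrypter(blk, make([]byte, 8))
	}
	out := make([]byte, len(in))
	mode.CryptBlocks(out, in)
	return out, nil
}

// CVE encrypts a key or key record for storage outside the CF (Fig. 2).
func CVE(kk, c, k []byte) ([]byte, error) { return cvCrypt(kk, c, k, false) }

// CVD recovers it (Fig. 3); a different C gives a different variant key and
// therefore a different, useless output: that is how C is coupled to K.
func CVD(kk, c, ek []byte) ([]byte, error) { return cvCrypt(kk, c, ek, true) }

// Layout constructed for this example (the patent does not fix one): byte 0 of
// the private control vector holds usage bits and the private key record is
// two fixed-length private key fields, one per public key algorithm.
const (
	usePKA1 byte = 0x80 // private key for public key algorithm 1 may be used
	usePKA2 byte = 0x40 // private key for public key algorithm 2 may be used
	keyLen       = 24   // stand-in field length; real RSA keys are far longer
)

// UsePrivateKey services a key use request against a private key token, which
// is the pair (cv, encRecord): the control vector is checked first and only
// then is the record decrypted inside the CF and the requested key extracted.
func UsePrivateKey(km, cv, encRecord []byte, algorithm int) ([]byte, error) {
	need := map[int]byte{1: usePKA1, 2: usePKA2}[algorithm]
	if need == 0 || len(cv) == 0 || cv[0]&need == 0 {
		return nil, errors.New("control vector does not permit this key use")
	}
	rec, err := CVD(km, cv, encRecord)
	if err != nil || len(rec) < 2*keyLen {
		return nil, errors.New("private key record could not be recovered")
	}
	return rec[(algorithm-1)*keyLen : algorithm*keyLen], nil
}

func main() {
	km := []byte("0123456789abcdef")           // constructed 128-bit DEA master key
	cv := []byte{usePKA1, 0, 0, 0, 0, 0, 0, 0} // permits algorithm 1 only
	pr1, pr2 := bytes.Repeat([]byte{0x11}, keyLen), bytes.Repeat([]byte{0x22}, keyLen)
	rec, _ := CVE(km, cv, append(append([]byte{}, pr1...), pr2...)) // token = (cv, rec)
	k, err := UsePrivateKey(km, cv, rec, 1)
	fmt.Printf("algorithm 1: %x err=%v\n", k, err)
	_, err = UsePrivateKey(km, cv, rec, 2)
	fmt.Println("algorithm 2:", err)
	// A control vector edited outside the CF passes the check, but the record
	// then decrypts to garbage rather than PR2: the granted uses cannot be changed.
	k2, _ := UsePrivateKey(km, []byte{usePKA1 | usePKA2, 0, 0, 0, 0, 0, 0, 0}, rec, 2)
	fmt.Println("PR2 recovered after tampering:", bytes.Equal(k2, pr2))
}
```

The tampered case shows why the patent additionally authenticates the recovered key inside the CF as part of CVD: without that check the facility would go on to use the garbage value.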

When a public key algorithm is employed, the key lengths or key sizes are not fixed by the algorithm as with the DEA. In this case, the cryptographic system will most likely have to operate with public and private keys of different lengths, varying as much as several hundred bits. Therefore, the CVE and CVD algorithms must be designed to handle public and private keys with varying lengths. It is also important that the length of the key be made transparent to the application and the cryptographic system using the key.

In cryptographic systems based on the DEA, many cryptographic instructions that handle bulk data must be streamlined so that performance is not degraded by the introduction of the control vector and the encryption and decryption algorithms (CVE and CVD). However, when a public key (PK) algorithm is employed, the individual steps of encryption and decryption are orders of magnitude slower than encryption and decryption with the DEA. Thus, the design of a key management scheme based on a PK algorithm can have different underlying objectives. For example, key processing and key handling operations that introduce unwarranted processing overhead in a DEA-based key management may indeed be appropriate for a PK-based key management. This is because the processing overhead, while large compared to one DEA encryption, may be insignificant compared to one PK encryption. In the present invention, a strategy is pursued of authenticating a key dynamically within the cryptographic hardware as part of the CVD algorithm. Relatively speaking, while this introduces significant processing overhead in a DEA-based key management scheme, it adds very little processing overhead in a PK-based key management scheme. However, this ensures that valid and strong PR and PU keys are used, and that an invalid (i.e., insecure) key value is not inadvertently used.

OBJECTS OF THE INVENTION

It is therefore an object of the invention to provide an improved method for controlling the usage of public and private keys.

It is another object of the invention to permit large amounts of control information for the public and private keys.

It is another object of the invention to permit the application, the system software, and the system hardware to check and set portions of the control information.

It is another object of the invention to permit keys to be authenticated within the crypto hardware as part of the key recovery process, so that all keys are authenticated before they are used by the crypto hardware.
It is another object of the invention to permit an open-ended design allowing new and expanded key usage to be added to the architecture.

It is another object of the invention to provide a single consistent method for handling both public and private keys.

It is another object of the invention to allow the physical makeup of the keys to appear transparent.

It is another object of the invention to allow users to port their public and private keys from one cryptographic system to another.

It is another object of the invention to base control vector encrypt and decrypt on a DEA master key of 128 bits.

It is another object of the invention to provide a general method for control vector encrypt and decrypt where the system master key is a private and public key pair of a commutative asymmetric cryptographic algorithm (i.e., no DEA or other symmetric algorithm master key is used).

It is another object of the invention to provide a general method for control vector encrypt and decrypt where the system master key is a quadruple of two key pairs of private and public keys of a non-commutative asymmetric cryptographic algorithm. Specifically the system master key quadruple consists of (1) a PU1 master key used to encrypt the public and private keys kept outside the cryptographic facility, (2) a PR1 master key used to decrypt the public and private keys kept outside the cryptographic facility, (3) a PR2 master key used to generate an authentication signature for the public and private keys kept outside the cryptographic facility, and (4) a PU2 master key used to verify the authentication signature of the public and private keys kept outside the cryptographic facility.

It is another object of the invention to provide a general method for control vector encrypt and decrypt where the system master key is a quadruple of one key pair of private and public keys using public key algorithm 1 and another key pair of private and public keys using public key algorithm 2. Specifically the system master key quadruple consists of (1) a PU1 master key (based on public key algorithm 1) used to encrypt the public and private keys kept outside the cryptographic facility, (2) a PR1 master key (using public key algorithm 1) used to decrypt the public and private keys kept outside the cryptographic facility, (3) a PR2 master key (using public key algorithm 2) used to generate an authentication signature for the public and private keys kept outside the cryptographic facility, and (4) a PU2 master key (using public key algorithm 2) used to verify the authentication signature of public and private keys kept outside the cryptographic facility.

SUMMARY OF THE INVENTION

These and other objects, features, and advantages are accomplished by the invention as claimed and disclosed herein.

The invention describes a method for encrypting the public and private keys of a cryptographic asymmetric key (public key) algorithm, when these keys are stored outside the secure boundary of the cryptographic facility (i.e., cryptographic hardware) and for decrypting these keys when they are processed or used within the secure boundary of the cryptographic facility. The so-produced encrypted keys may be kept in a cryptographic key data set belonging to the cryptographic system software or they may be managed by the cryptographic application programs that use the keys. The public and private keys are encrypted by a system master key stored in clear form within the secure boundary of the cryptographic facility. In situations where the cryptographic system implements a symmetric key algorithm in addition to the asymmetric key algorithm the system master key can be a symmetric key. For example, if the cryptographic system implements both DEA and RSA algorithms, then the RSA public and private keys are protected with a 128-bit DEA master key.

In situations where the cryptographic system implements a commutative asymmetric key algorithm (such as the RSA algorithm), the system master key consists of a special public and private key pair (PU0,PR0) stored in clear form within the cryptographic facility. A commutative asymmetric key algorithm is one where the operation of encryption followed by decryption is equal to the operation of decryption followed by encryption in that both result in the original plaintext. The master public key PU0 is used to encrypt and verify authenticity for public and private keys stored outside the cryptographic facility and the master private key PR0 is used to decrypt and generate authentication signatures on the public and private keys stored outside the cryptographic facility. In addition to providing a means to encrypt and decrypt the public and private keys stored outside the cryptographic facility, the invention also provides a means to cryptographically couple the control vector with the public and private keys and to authenticate the public and private keys using a special authenticator produced within the cryptographic facility.
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In situations where the cryptographic systenn innplennents only a non-connmutative asymmetric key 
algorithm, the system master key may consist of a special quadruple composed of a two public and private 
key pairs ((PU1 ,PR1),(PU2,PR2)) stored in clear form within the cryptographic facility. A non-commutative 
asymmetric key algorithm is one where encryption must always be done before decryption. Master public 

5 key PU1 is used to encrypt public and private keys stored outside the cryptographic facility and master 
private key PR1 is used to decrypt public and private keys stored outside the cryptographic facility. Master 
public key PU2 is used to verify the authenticity of and private keys stored outside the cryptographic facility 
and master private key PR2 is used to generate authentication signatures for the public and private keys 
stored outside the cryptographic facility. 

10 In situations where the cryptographic system implements two different asymmetric algorithms, where 

one algorithm is used for key encryption/decryption and another (different) algorithm is used for authentica- 
tion, the system master key consists of a special quadruple composed of a two public and private key pairs 
((PU1,PR1),(PU2,PR2)) stored in clear form within the cryptographic facility. (PU1,PR1) comprise an 
asymmetric key pair from a first public key algorithm and (PU2,PR2) comprise an asymmetric key pair from 

75 a second public key algorithm, which is different from the first algorithm. Master public key PU1 is used to 
encrypt public and private keys stored outside the cryptographic facility and master private key PR1 is used 
to decrypt public and private keys stored outside the cryptographic facility. Master public key PU2 is used 
to verify the authenticity of public and private keys stored outside the cryptographic facility and master 
private key PR2 is used to generate authentication signatures for the public and private keys stored outside 

20 the cryptographic facility. 

Note also, as an alternate embodiment, if the public key algorithm is not commutative, if both the public 
key and the private keys that are used as the master key pair are kept secret, then only one master key 
pair is needed. In this case, the (secret) public key is used to encrypt the authentication record and the 
private key is used to decrypt it. Normally this would represent a security exposure, but as the public.key is 

25 secret and known only inside the cryptographic facility, there is no exposure. Care must be taken to ensure 
that the (secret) public key is never inadvertently exposed. 

Fig. 6 illustrates a cryptographic facility 30 containing a commutative asymmetric algorithm master key.
In this case, the public and private keys stored outside the cryptographic facility 30 are protected (i.e.,
encrypted for privacy and authenticated) with an asymmetric master key pair, designated (PU0,PR0).
Outside the cryptographic facility 30, all public and private keys are stored in key tokens. Public keys are
stored in public key tokens (PU key tokens) and private keys are stored in private key tokens (PR key
tokens). The PU key tokens and PR key tokens are stored in a cryptographic key data set 32 managed by
the cryptographic system software, or they may be managed by the cryptographic application programs
themselves (not shown in Fig. 6).

Fig. 7 illustrates a cryptographic facility 30 containing an asymmetric key algorithm and a symmetric
key algorithm. In this case, the public and private keys stored outside the cryptographic facility 30 are
protected with a symmetric system master key, designated KM. If the symmetric key algorithm is the DEA,
then KM is a 128-bit key, as described in the prior art. As in Fig. 6, the public and private keys are stored in
PU key tokens and PR key tokens. The PU key tokens and PR key tokens are stored in a cryptographic
key data set 32 managed by the cryptographic system software, or they may be managed by the
cryptographic application programs themselves (not shown in Fig. 7).

The reader will appreciate from the full description of the invention, provided below, that, except for the
special functions that encrypt and decrypt the keys in the key tokens, the means for protecting keys based
on any of the following methods:

(1) a symmetric system master key (KM),

(2) a commutative asymmetric system master key pair (PU0,PR0),

(3) a non-commutative asymmetric master key pair (PU0,PR0) where both the public and private key are
kept secret,

(4) a non-commutative asymmetric master key quadruple ((PU1,PR1),(PU2,PR2)), or

(5) a master key quadruple ((PU1,PR1),(PU2,PR2)) when the first key pair uses one public key algorithm
for key encryption/decryption and the second key pair uses another public key algorithm different from
the first for authentication

can be made transparent to the user of a cryptographic system. Thus, the cryptographic instructions that
process and use the public and private keys, and the cryptographic software and cryptographic application
programs that handle the public and private key tokens, are unaffected by the particular encryption and
decryption means used for storage and recovery of the public and private keys. This is so because the keys
are treated as logical entities. Their physical characteristics, such as length, format, component makeup,
etc., are kept transparent to the cryptographic system. This is partially accomplished through the use of
special records called the public key record (PU key record) and private key record (PR key record), which
may have varying length, as the keys they contain may have varying length. All public and private keys
generated within the cryptographic system are stored in these varying-length key records. As an alternate
embodiment, the key records may be set to a fixed size that will contain the largest public and private keys
that will be generated and/or used on the system.

Fig. 8 illustrates the production of public and private keys using a public key key generation algorithm
(KGA) 152. In response to a request to generate a (PU,PR) key pair, public key generation algorithm 152
causes a (PU,PR) key pair to be generated. The generated public key PU is stored in a PU key record and
the generated private key PR is stored in a PR key record. The PU key record and PR key record are
returned as outputs. In addition to returning the PU key record and PR key record, the public key
generation algorithm 152 may also optionally return a PU length parameter indicating the length of the PU
key record and a PR length parameter indicating the length of the PR key record. The optional length
parameters may be useful in implementations where the lengths of the PU key record and PR key record
may vary.

Fig. 9 illustrates the formats of the PU key record and PR key record. The PU key record contains
parse data that permits the public key to be recovered from the record. The parse data may be length and
displacement data of fields in the record. The PU key record also contains control information that may be
useful in describing the record type and type of key or keys stored within the record. The PU key record
also permits one or more public keys to be stored as a single logical public key. This may be particularly
useful in situations where a first public key algorithm is used for DEA key encryption/decryption purposes,
e.g., to distribute DEA keys from one device to another, and a second public key algorithm is used for
generating and verifying digital signatures. Thus, a first public key PU1 is used to encrypt DEA keys and a
second public key PU2 is used to verify digital signatures. In such situations, the cryptographic system is
designed in such a way that the key processing operations will know from the context of the operations
being performed whether the public key to be used is PU1 or PU2. The PR key record also contains parse
data that permits the private key to be recovered from the record. The PR key record also contains control
information that may be useful in describing the record type and type of key or keys stored within the
record. The PR key record also permits one or more private keys to be stored as a single logical private
key. Thus, a first private key PR1 is used to decrypt a DEA key encrypted by the first public key PU1, and
a second private key PR2 is used to generate digital signatures for later verification by the second public
key PU2. In such situations, the cryptographic system is designed in such a way that the key processing
operations will know from the context of the operations being performed whether the private key to be used
is PR1 or PR2. The PU and PR key records keep algorithm-specific and key-specific information
transparent to the cryptographic system. Only the public key algorithm itself that processes the key records
need be aware of the internal structure and makeup of these key records.

As an alternate embodiment, in certain situations, there may be advantages to maintaining the logical
key records in two forms: the first containing both the private keys and public keys for the owner or creator
of the keys and the second containing just the public keys for distribution to others. As before, if using the
owner's logical key record containing both private and public keys, the correct key to use can be
determined from context.

Fig. 10 illustrates the production of public and private key pairs using a Generate Public and Private
Key Pair (GPUPR) instruction. The GPUPR instruction is described in detail in co-pending patent application
by S. M. Matyas, et al. entitled "Generating Public and Private Key Pairs Using a Passphrase", as cited in
the background art. Referring now to Fig. 10, the GPUPR instruction 52 is contained in an instruction
processor 142 within the cryptographic facility (CF) 30. In practice, the CF 30 is implemented within secure
hardware, so that keys and cryptographic variables stored within the CF 30 are protected, i.e., both the
secrecy and integrity of these keys and cryptographic variables are protected. The CF 30 also contains a
CF environment memory 146 for the storage of keys and cryptographic variables such as a master key 15.
Fig. 10 does not specify whether the master key is (1) a symmetric master key KM, (2) an asymmetric
commutative master key pair (PU0,PR0), (3) a non-commutative asymmetric master key pair (PU0,PR0)
where both the public and private key are kept secret, (4) an asymmetric non-commutative master key
quadruple ((PU1,PR1),(PU2,PR2)), or (5) an asymmetric two-PK-algorithm master key quadruple
((PU1,PR1),(PU2,PR2)) where the first pair uses one public key algorithm and the second pair uses a
different public key algorithm from the first. The CF 30 also contains cryptographic algorithms 144, which
include an asymmetric key algorithm 10, an optional symmetric key algorithm 11, and an asymmetric key
key generation algorithm (KGA) 152. The inputs to the GPUPR instruction at 50 consist of a mode, an
optional code word, a PU control vector, and a PR control vector. In response to a request to execute the
GPUPR instruction at 50, the GPUPR instruction invokes the KGA 152, at 53, passing the mode and
optional code word. The mode indicates to KGA 152 whether the to-be-generated public and private key
pair (PU,PR) are generated from a code word (mode = 'PP') or not (mode = 'no PP'). In response the KGA
152 produces a public and private key pair (PU,PR) which are formatted in a PU key record and PR key
record. The PU key record and PR key record are returned to the GPUPR instruction at 54. In response, the
GPUPR instruction builds a PU key token and a PR key token containing the encrypted PU key record and
encrypted PR key record, respectively. Each key token contains a control vector and an authenticator, as
further described below. The GPUPR instruction 52 also performs consistency checking on the mode and
control vectors supplied as inputs at 50; see also the co-pending patent application by S. M. Matyas, et al.
entitled "Generating Public and Private Key Pairs Using a Passphrase", cited in the background art, for a
further discussion of this consistency checking. The so-produced PU key token and PR key token are
returned as outputs at 51.

Fig. 11 illustrates the formats of the PU key token and PR key token. The PU key token consists of a
header, a PU control vector, an encrypted PU key record, and a PU authenticator. As an alternate
embodiment, the PU key token may consist of a header, a PU control vector, a plaintext PU key record, and
a PU authenticator. The preferred embodiment has an encrypted PU key record in the PU key token, as the
PR key token must contain an encrypted PR key record (to maintain its secrecy) and handling both PU and
PR key tokens in the same manner simplifies the processing. The PR key token consists of a header, a PR
control vector, an encrypted PR key record, and a PR authenticator. The header in the PU key token
consists of information (e.g., offsets or displacements to the start of fields, offsets or displacements to the
end of fields, and/or lengths of fields) that enables the system to determine the start and end of each other
field in the PU key token. The PU control vector consists of a PU key type, PU key usage data, PR key
usage data (for history purposes), algorithm identifier, algorithm-specific data, key start date/time, key
expiration date/time, device identifier, user identifier, key identifier, logical device identifier, and
user-defined data. The fields of PU control vectors are presented in more detail under "Description of the
Best Mode for Carrying Out the Invention." If the system master key is a symmetric key KM, then the PU
key record is encrypted with a variant key derived from KM, as explained below. If the system master key
is an asymmetric key pair (PU0,PR0), then the PU key record is encrypted with PU0, as explained below.
The PU authenticator is a special authentication code produced at the time the PU key token is
constructed. Later, when the PU key token is specified as a parameter input to a cryptographic instruction,
the PU authenticator is used to validate the public key as part of key recovery, before the recovered PU is
processed within the cryptographic instruction.

The header in the PR key token consists of information (e.g., offsets or displacements to the start of
fields, offsets or displacements to the end of fields, and/or lengths of fields) that enables the system to
determine the start and end of each other field in the PR key token. The PR control vector consists of a PR
key type, PR key usage data, PU key usage data (for history purposes), algorithm identifier,
algorithm-specific data, key start date/time, key expiration date/time, device identifier, user identifier, key
identifier, logical device identifier, and user-defined data. The fields of PR control vectors are presented in
more detail under "Description of the Best Mode for Carrying Out the Invention." If the system master key
is a symmetric key KM, then the PR key record is encrypted with a variant key derived from KM, as
explained below. If the system master key is an asymmetric key pair (PU0,PR0), then the PR key record is
encrypted with PU0, as explained below. The PR authenticator is a special authentication code produced at
the time the PR key token is constructed. Later, when the PR key token is specified as a parameter input to
a cryptographic instruction, the PR authenticator is used to validate the private key as part of key recovery,
before the recovered PR is processed within the cryptographic instruction.
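As an added example, not code from the patent, the following Python builds and parses a logical key record carrying parse data (displacement and length) for two keys, as in Fig. 9, selects PU1/PR1 or PU2/PR2 from it by operation context, and wraps such a record in a key token whose header carries the field offsets, as in Fig. 11. The byte layout, the record-type and algorithm-identifier codes, and the context-to-algorithm mapping are assumptions for illustration; the encrypted key record and the authenticator are passed in as opaque bytes, since their production is covered separately.

```python
import struct
from typing import Dict, List, Tuple

# Assumed record-type and algorithm-identifier codes (illustrative, not the patent's encoding).
PU_RECORD, PR_RECORD = 0x01, 0x02
ALG_KEY_MGMT, ALG_SIGNATURE = 1, 2   # first PK algorithm: DEA key transport; second: digital signatures

# The operation being performed fixes which key of a logical key record is meant
# (PU1/PR1 for DEA key encryption/decryption, PU2/PR2 for signatures) and which record type it needs.
CONTEXT = {
    "encrypt_dea_key": (ALG_KEY_MGMT, PU_RECORD),
    "decrypt_dea_key": (ALG_KEY_MGMT, PR_RECORD),
    "verify_signature": (ALG_SIGNATURE, PU_RECORD),
    "generate_signature": (ALG_SIGNATURE, PR_RECORD),
}

_REC_HDR = struct.Struct(">BB")       # control information: record type, number of keys
_PARSE_ENTRY = struct.Struct(">BHH")  # parse data per key: algorithm id, displacement, length


def build_key_record(rec_type: int, keys: List[Tuple[int, bytes]]) -> bytes:
    """Pack one or more keys into a single variable-length logical key record."""
    disp = _REC_HDR.size + _PARSE_ENTRY.size * len(keys)   # key bytes follow the parse table
    parse, body = b"", b""
    for alg, key in keys:
        parse += _PARSE_ENTRY.pack(alg, disp, len(key))
        body += key
        disp += len(key)
    return _REC_HDR.pack(rec_type, len(keys)) + parse + body


def parse_key_record(rec: bytes) -> Tuple[int, Dict[int, bytes]]:
    """Recover (record type, {algorithm id: key}) using only the parse data inside the record."""
    rec_type, n = _REC_HDR.unpack_from(rec, 0)
    keys: Dict[int, bytes] = {}
    off = _REC_HDR.size
    for _ in range(n):
        alg, disp, length = _PARSE_ENTRY.unpack_from(rec, off)
        off += _PARSE_ENTRY.size
        if disp < off or disp + length > len(rec):   # reject parse data pointing outside the key area
            raise ValueError("bad parse data")
        keys[alg] = rec[disp:disp + length]
    return rec_type, keys


def select_key(rec: bytes, context: str) -> bytes:
    """Pick PU1/PU2 or PR1/PR2 from a logical record according to the operation context."""
    alg, needed_type = CONTEXT[context]
    rec_type, keys = parse_key_record(rec)
    if rec_type != needed_type:
        raise ValueError(f"{context} needs record type {needed_type}, got {rec_type}")
    return keys[alg]


_TOKEN_HDR = struct.Struct(">HHHH")  # total length, then offsets of CV, encrypted record, authenticator


def build_key_token(cv: bytes, enc_record: bytes, authenticator: bytes) -> bytes:
    """Key token = header | control vector | encrypted key record | authenticator."""
    cv_off = _TOKEN_HDR.size
    rec_off = cv_off + len(cv)
    auth_off = rec_off + len(enc_record)
    total = auth_off + len(authenticator)
    return _TOKEN_HDR.pack(total, cv_off, rec_off, auth_off) + cv + enc_record + authenticator


def parse_key_token(tok: bytes) -> Tuple[bytes, bytes, bytes]:
    """Split a token into (cv, enc_record, authenticator); refuse headers whose offsets are inconsistent."""
    total, cv_off, rec_off, auth_off = _TOKEN_HDR.unpack_from(tok, 0)
    if not (_TOKEN_HDR.size <= cv_off <= rec_off <= auth_off <= total == len(tok)):
        raise ValueError("inconsistent token header")
    return tok[cv_off:rec_off], tok[rec_off:auth_off], tok[auth_off:total]


if __name__ == "__main__":
    # Constructed sample: one private logical key holding PR1 (key management) and PR2 (signature).
    pr_record = build_key_record(PR_RECORD, [(ALG_KEY_MGMT, b"\x11" * 32), (ALG_SIGNATURE, b"\x22" * 48)])
    print(select_key(pr_record, "generate_signature")[:4].hex())
    token = build_key_token(b"cv-placeholder", pr_record, b"auth-placeholder")
    print(parse_key_token(token)[0])
```

The header offsets are validated before slicing, so a token whose header has been altered (or truncated in the key data set) is rejected rather than yielding a misaligned control vector or key record; the authenticator check described in the text still has to run on top of this structural check.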

In co-pending patent application by S. M. Matyas, et al. entitled "Generating Public and Private Key
Pairs Using a Passphrase", cited in the background art, the outputs of key generator algorithm 152 are the
generated public and private keys, PU and PR. Actually, the outputs are a PU key record and a PR key
record, containing the generated PU and PR, respectively, as defined here. Those skilled in the art will
appreciate that the description of the GPUPR instruction and the key generation algorithm in the co-pending
patent application by S. M. Matyas, et al. entitled "Generating Public and Private Key Pairs Using a
Passphrase" is for all intents and purposes the same as the description provided here, and that returning
PU and PR as outputs from the key generation algorithm 152, instead of returning PU and PR key records,
does not depart from the underlying invention.

BRIEF DESCRIPTION OF THE DRAWINGS 


These and other objects, features, and advantages of the invention will be more fully appreciated with 
reference to the accompanying figures. 






EP 0 534 419 A2 



Fig. 1 is a block diagram illustration of the process of encrypting keys and decrypting keys in a DEA-based
cryptographic system using the control vector encrypt (CVE) and control vector decrypt (CVD) algorithms.
Fig. 2 is a block diagram illustration of the CVE algorithm implemented in a DEA-based cryptographic system.
Fig. 3 is a block diagram illustration of the CVD algorithm implemented in a DEA-based cryptographic system.
Fig. 4 is a block diagram illustration of the hashing algorithm ha implemented in the CVE and CVD
algorithms of Figs. 1, 2, and 3.
Fig. 5 is a block diagram illustration of the MDC-2 algorithm.
Fig. 6 is a block diagram illustration of a first embodiment of the invention wherein the generated public
and private keys stored outside the cryptographic facility are protected with a commutative asymmetric
system master key pair (PU0,PR0).
Fig. 7 is a block diagram illustration of a second embodiment of the invention wherein the generated
public and private keys stored outside the cryptographic facility are protected with a symmetric system
master key KM.
Fig. 8 is a block diagram illustration of a public key key generation algorithm (KGA).
Fig. 9 illustrates the formats of the PU key record and PR key record.
Fig. 10 is a block diagram illustration of the GPUPR instruction.
Fig. 11 illustrates the formats of the PU key token and the PR key token.
Fig. 12 illustrates a communications network 10 including a plurality of data processors, each of which
includes a cryptographic system.
Fig. 13 is a block diagram of a cryptographic system 22.
Fig. 14 is a block diagram of a cryptographic facility 30.
Fig. 15 is a block diagram illustration of the cryptographic algorithms 144 component of the
cryptographic facility 30 containing the key record encrypt and key record decrypt algorithms.
Fig. 16 is a flow diagram of a first embodiment of key record encrypt algorithm 12.
Fig. 17 is a flow diagram of a first embodiment of key record decrypt algorithm 13.
Fig. 18 is a flow diagram of a second embodiment of key record encrypt algorithm 12.
Fig. 19 is a flow diagram of a second embodiment of key record decrypt algorithm 13.
Fig. 20 is a functional block diagram illustrating the recovery of two private keys and their use in two
public key algorithms to fulfill two different cryptographic service requests.
Fig. 21 is a block diagram showing the production of an internal key token from a key record and the
production of an external key token from a key record.
Fig. 22 is a block diagram showing the production of an internal key token from an internal key unit
produced from a key record and the production of an external key token from an external key unit produced
from a key record.
Fig. 23 lists the components of the Instruction Processor 142.
Fig. 24 shows the elements of the Configuration Table in the CF Environment Memory 146.
Fig. 25 shows the main elements of the Cryptographic Algorithms 144.
Fig. 26 is a block diagram illustration of the components of the CF Environment.
Fig. 27 shows the instructions controlled by the DEFINE, AUTH CONTROL, AUTH, and ENABLE fields
in the Configuration Vector.
Fig. 28 is a block diagram illustration of the MDC Table.
Fig. 29 is a block diagram illustration of the Counter Table.
Fig. 30 illustrates the control vector hierarchy of PKCD keys.
Fig. 31 is a block diagram illustration of the fields in a control vector associated with a private
authentication key.
Fig. 32 is a block diagram illustration of the fields in a control vector associated with a private
certification key.
Fig. 33 is a block diagram illustration of the fields in a control vector associated with a private key
management key.
Fig. 34 is a block diagram illustration of the fields in a control vector associated with a private user key.
Fig. 35 is a block diagram illustration of the fields in a control vector associated with a public
authentication key.
Fig. 36 is a block diagram illustration of the fields in a control vector associated with a public
certification key.
Fig. 37 is a block diagram illustration of the fields in a control vector associated with a public key
management key.
Fig. 38 is a block diagram illustration of the fields in a control vector associated with a public user key.
Fig. 39 is a block diagram illustration of the fields in a hash vector.

DESCRIPTION OF MODES FOR CARRYING OUT THE INVENTION 

Environment Description: Fig. 12 illustrates a network block diagram showing a communications network 10
to which is connected a plurality of data processors including data processor 20, data processor 20', and
data processor 20". Also included in each data processor is a cryptographic system, as shown in Fig. 12.
Data processor 20 includes cryptographic system 22, data processor 20' includes cryptographic system 22'
and data processor 20" includes cryptographic system 22". Each data processor supports the processing
of one or more applications which require access to cryptographic services such as for the encryption,
decryption and authenticating of application data and the generation and installation of cryptographic keys.
The cryptographic services are provided by a secure cryptographic facility in each cryptographic system.
The network provides the means for the data processors to send and receive encrypted data and keys.
Various protocols, that is, formats and procedural rules, govern the exchange of cryptographic quantities
between communicating data processors in order to ensure the interoperability between them.

Fig. 13 illustrates the cryptographic system 22. In the cryptographic system 22, the cryptographic
facility (CF) 30 has an input 37 from a physical interface. The cryptographic facility access program (CFAP)
34 is coupled to the cryptographic facility 30 by means of the interface 31. The cryptographic key data set
(CKDS) 32 is connected to the cryptographic facility access program 34 by means of the interface 33. The
application programs (APPL) 36 are connected to the cryptographic facility access program 34 by means of
the interface 35.

A typical request for cryptographic service is initiated by APPL 36 via a function call to the CFAP 34 at
the interface 35. The service request includes key and data parameters, as well as key identifiers which the
CFAP 34 uses to access encrypted keys from the CKDS 32 at the interface 33. The CFAP 34 processes the
service request by issuing one or more cryptographic access instructions to the CF 30 at the interface 31.
The CF 30 may also have an optional physical interface 37 for direct entry of cryptographic variables into
the CF 30. Each cryptographic access instruction invoked at the interface 31 has a set of input parameters
processed by the CF 30 to produce a set of output parameters returned by the CF 30 to the CFAP 34. In
turn, the CFAP 34 may return output parameters to the APPL 36. The CFAP 34 may also use the output
parameters and input parameters to subsequently invoke instructions. If the output parameters contain
encrypted keys, then the CFAP 34, in many cases, may store these encrypted keys in the CKDS 32.

Fig. 14 illustrates the cryptographic facility 30. The cryptographic facility 30 is maintained within a
secure boundary 140. The cryptographic facility 30 includes the instruction processor 142 which is coupled
to the cryptographic algorithms 144 which are embodied as executable code. The cryptographic facility
environment memory 146 is coupled to the instruction processor 142. The physical interface can be
coupled over line 37 to the CF environment memory 146, as shown in the figure. The instruction processor
142 is coupled to the cryptographic facility access program (CFAP) 34 by means of the interface at 31.

The instruction processor 142 is a functional element which executes cryptographic microinstructions
invoked by the CFAP access instruction at the interface 31. For each access instruction, the interface 31
first defines an instruction mnemonic or operation code used to select particular microinstructions for
execution. Secondly, a set of input parameters is passed from the CFAP 34 to the CF 30. Thirdly, a set of
output parameters is returned by the CF 30 to the CFAP 34. The instruction processor 142 executes the
selected instruction by performing an instruction-specific sequence of cryptographic processing steps
embodied as microinstructions stored in cryptographic microinstruction memory 144. The control flow and
subsequent output of the cryptographic processing steps depend on the values of the input parameters and
the contents of the CF environment memory 146. The CF environment memory 146 consists of a set of
cryptographic variables, for example keys, flags, counters, CF configuration information, etc., which are
collectively stored within the CF 30. The CF environment variables in memory 146 are initialized via the
interface 31, that is, by execution of certain CF microinstructions which read input parameters and load them
into the CF environment memory 146. Alternately, initialization can be done via an optional physical
interface which permits cryptographic variables to be loaded directly into the CF environment memory 146,
for example via an attached key entry device.

The physical embodiment of the cryptographic facility secure boundary 140 incorporates the following
physical security features. The physical embodiment resists probing by an insider adversary who has
limited access to the cryptographic facility 30. The term "limited" is measured in minutes or hours as
opposed to days or weeks. The adversary is constrained to a probing attack at the customer's site using
limited electronic devices as opposed to a laboratory attack launched at a site under the control of the
adversary using sophisticated electronic and mechanical equipment. The physical embodiment also detects
attempts at physical probing or intruding, through the use of a variety of electro-mechanical sensing
devices. Also, the physical embodiment of the cryptographic facility 30 provides for the zeroization of all
internally stored secret cryptographic variables. Such zeroization is done automatically whenever an
attempted probing or intrusion has been detected. The physical embodiment also provides a manual facility
for zeroization of internally stored secret cryptographic variables. Reference to the Abraham, et al. patent
application cited above will give an example of how such physical security features can be implemented.

Key Record Encryption/Decryption: Fig. 15 is a block diagram illustration of cryptographic facility 30
incorporating the key record encrypt and key record decrypt algorithms. Cryptographic facility 30 contains
an instruction processor 142 consisting of a plurality of cryptographic instructions (not shown in Fig. 15), a
CF environment memory 146 containing a master key 15, and cryptographic algorithms 144. Cryptographic
algorithms 144 contains an asymmetric key cryptographic algorithm 10, an optional symmetric-key
cryptographic algorithm 11, an asymmetric-key key generation algorithm 152, a key record encrypt algorithm
12, and a key record decrypt algorithm 13. Key record encrypt algorithm 12 is a low-level function used by
instruction processor 142 to encrypt a key record (PU key record or PR key record) and produce an
encrypted key authenticator record (KAR), which serves to authenticate the key record and associated
control vector to the cryptographic facility 30. During key generation (via the GPUPR instruction), the PU
and PR key records produced by the asymmetric key key generation algorithm 152 are encrypted and then
stored in key tokens constructed by the instruction processor. These key tokens are returned as outputs at
51. The key record encrypt algorithm 12 is invoked by the instruction processor 142 at 14, passing a key
record and control vector. In response, key record encrypt algorithm 12 encrypts the key record with master
key 15, or a variant key derived from master key 15, as explained below. Key record encrypt algorithm 12
also produces a key authenticator record (KAR) from the key record or from the control vector and key
record, again as explained below. The so-produced KAR is then encrypted with master key 15, or a variant
key derived from master key 15 (different from the variant key used to encrypt the key record), as
explained below. Note that if the KAR were not encrypted, this might represent a security exposure, as the
control vector and key record for a public key and the KAR generation algorithm are all assumed to be
public knowledge. This would possibly allow substitution of an incorrect public key or incorrect control vector
for the correct values, for example, in the cryptographic key data set. While the KAR for a private key may
not need to be encrypted for security, in the preferred embodiment it is encrypted to allow consistent
processing of the KAR for both public and private keys. As an alternate embodiment, the KAR for the
private key could just be the output of a strong cryptographic one-way function, such as the MDC-2 function
described elsewhere. The encrypted key record and encrypted KAR are returned at 16 to the instruction
processor 142.

Key record decrypt algorithm 13 is a low-level function used by instruction processor 142 to
decrypt a key record (PU key record or PR key record) and authenticate the key record and associated
control vector to the cryptographic facility 30 before permitting instruction processor 142 to process or use
the key in the decrypted key record. Many of the cryptographic instructions executing in the instruction
processor 142 make use of cryptographic keys stored in key tokens and supplied as inputs at 50 to the
instruction processor 142. Before a key can be processed or used by the instruction processor 142, it must
be recovered. During key recovery, the encrypted PU and PR key records contained in the input key tokens
(at 50) are decrypted and authenticated. The key record decrypt algorithm 13 is invoked at 17 by the
instruction processor 142, passing an encrypted key record and control vector as inputs. In response, key
record decrypt algorithm 13 decrypts the encrypted key record with master key 15, or a variant key derived
from master key 15, as explained below. Key record decrypt algorithm 13 also produces a key authenticator
record (KAR) from the recovered key record, or from the control vector and recovered key record, again as
explained below. The key record decrypt algorithm 13 then decrypts the encrypted KAR and compares the
recovered value of KAR and the generated KAR for equality. If the two values of KAR are equal, the key
record decrypt algorithm 13 returns the recovered key record and a return code (e.g., RC = 0) indicating
that the key record has been successfully authenticated via the KAR. Otherwise, if the two values of KAR
are unequal, the key record decrypt algorithm 13 returns only a return code (e.g., RC = 1) indicating that
the key record has failed to be authenticated via the KAR.

Fig. 16 is block diagram illustration of a first embodiment of the key record encrypt algorithm 12. The 

55 first embodiment of the invention covers the case where the cryptographic system implements both a 
symmetric key algorithm and an asymmetric key algorithm, and where the master key used to encrypt the 
key records in the key tokens stored outside the cryptographic facility is a symmetric key KM. Referring 
now to Fig. 16, the inputs (a) key record and (b) control vector are read at step 500. Key record is the key 
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record to be encrypted and control vector is key-related data, or data related to the key stored in key 
record. Control vector is the same control vector stored in the key token, as described in Fig. 11 . At step 
501, a hash value HASH1 is calculated on the control vector using hash algorithm hal. For example, when 
the master key is a 128-bit DEA master key, HASH1 can be a 128-bit MDC calculated with the MDC-2 
5 algorithm of Fig. 5. At step 502, hash vectors HI and H2 are calculated from HASH1. For example, when 
the master key is a 128-bit DEA master key and HI and H2 are both 128-bit hash vectors, the procedure for 
calculating HI and H2 is as follows. The 128-bit hash vector HI is calculated from HASH1 as follows: 

1. Set bit 30 of HASH1 equal to B'O'. 

2. Set bit 38 of HASH1 equal to B'V. 

10 3. Set bits 45. .46 of HASH1 equal to B'lO'. 

4. Set bit 62 of HASH1 equal 8^0*. 

5. For each byte in HASH1 (bits are numbered bO through b7), set bit b7 so that bits bO through b7 have 
an even number of one bits (i.e., to have even parity). 

Bits 30 and 38 are anti-variant bits whose values are set so that the resulting hash vector H1 is guaranteed to
be different from a variant value in which each byte of the variant has the same bit pattern. Bits 45 and 46
are set to B'10' to distinguish H1 from a 64-bit control vector (bits 45..46 equal to B'00') and a 128-bit
control vector (bits 45..46 equal to B'01'). In this case, B'10' indicates that H1 has been derived from a
"long" control vector whose length exceeds 128 bits. Bit 62 indicates whether the control vector is
associated with a key record (B'0') or a key authenticator record (B'1'). The 128-bit hash vector H2 is
calculated from H1 as follows:

1. Set H2 equal to H1.

2. Set bit 62 of H2 equal to B'1'.

3. Invert bit 63 of H2 (i.e., the parity bit). 

Basically, H2 differs from H1 only in that H1 is associated with a key record (bit 62 equals B'0') and H2 is
associated with a key authenticator record (bit 62 equals B'1'). The parity bit is adjusted to maintain even
parity. Otherwise, H1 and H2 are equal. At step 503, variant key KM + H1 is formed as the Exclusive-OR
product of master key KM and hash vector H1, and variant key KM + H2 is formed as the Exclusive-OR
product of master key KM and hash vector H2. In the event that the length of KM differs from the length
of H1 and H2, H1 and H2 can be Exclusive-ORed with a portion of KM only. Those skilled in the art will
recognize that a combining operation other than the Exclusive-OR operation can be performed instead of
the Exclusive-OR operation, without departing from the spirit of the invention. When KM is a DEA master
key of 128 bits, then the Exclusive-OR operation calculates the Exclusive-OR product of two 128-bit values,
which is the straightforward way in which this operation works. At step 504, the key record supplied as input
at 500 is encrypted with variant key KM + H1 to produce the encrypted key record value eKM + H1(key
record). Again, those skilled in the art will recognize that many different modes of encryption can be used
here, since the goal is to protect the secrecy of the key record but not necessarily to pursue one single
strategy for providing an encryption capability. For example, if the variant key KM + H1 is a 64-bit DEA key,
then the key record can be encrypted using the Cipher Block Chaining (CBC) mode of encryption. If the
variant key KM + H1 is a 128-bit DEA key, then key record can be encrypted using a variation on the CBC
mode of encryption. In that case, key record is first encrypted with CBC mode using the leftmost 64 bits of
KM + H1, the result is next decrypted with CBC mode using the rightmost 64 bits of KM + H1, and finally
that result is encrypted with CBC mode using the leftmost 64 bits of KM + H1. An initialization vector (IV) of
zero is used throughout the encryption and decryption operations. In each case, inverse decryption
operations are employed in the key record decrypt algorithm, discussed below. Those skilled in the art will
recognize that encryption methods other than those illustrated here can be used without departing from the
spirit of the invention. At step 505, a hash value HASH2 is calculated on key record using hash algorithm
ha2. Hash algorithm ha2 may be different from hash algorithm ha1 or it may be the same. For example,
hash algorithm ha2 may be the MDC-2 algorithm of Fig. 5 and HASH2 a 128-bit MDC value. The value
HASH2 is for practical purposes defined to be the key authenticator record (KAR). However, the KAR may
contain additional data besides HASH2. At step 506, KAR is encrypted with variant key KM + H2 to produce
the encrypted KAR value eKM + H2(KAR). Again, those skilled in the art will recognize that many different
modes of encryption can be used here, since the goal is to protect the integrity of the KAR by making it
infeasible for an adversary to substitute an alternate value of KAR of his or her choosing. Since an
adversary has no ability to exercise the encryption function using KM + H2, it is not possible to substitute an
encrypted KAR value that will authenticate an encrypted key record, except by mere chance. For example,
if the variant key KM + H2 is a 64-bit DEA key, then KAR can be encrypted using the Cipher Block Chaining
(CBC) mode of encryption. If the variant key KM + H2 is a 128-bit DEA key, then KAR can be encrypted
using a variation on the CBC mode of encryption as described above for the encryption of the key record.
In each case, inverse decryption operations are employed in the key record decrypt algorithm, discussed
below. Those skilled in the art will recognize that encryption methods other than those illustrated here can
be used without departing from the spirit of the invention. At step 507, the calculated values (a) eKM + H1(key
record) and (b) eKM + H2(KAR) are returned as outputs.

Fig. 17 is a block diagram illustration of a first embodiment of the key record decrypt algorithm 13. The
first embodiment of the invention covers the case where the cryptographic system implements both a
symmetric key algorithm and an asymmetric key algorithm, and where the master key used to encrypt the
key records in the key tokens stored outside the cryptographic facility is a symmetric key KM. The key
record encrypt algorithm 12 of Fig. 16 and the key record decrypt algorithm 13 of Fig. 17 are inverse
algorithms, i.e., key records encrypted with key record encrypt algorithm 12 of Fig. 16 are decrypted with
key record decrypt algorithm 13 of Fig. 17. Referring now to Fig. 17, the inputs (a) control vector, (b)
eKM + H1(key record), and (c) eKM + H2(KAR) are read at step 510. Control vector is key-related data, or
data related to the key stored in key record. Control vector is the same control vector stored in the key
token, as described in Fig. 11. eKM + H1(key record) and eKM + H2(KAR) are values produced by the key
record encrypt algorithm 12 of Fig. 16. At step 511, a hash value HASH1 is calculated on the control vector
using hash algorithm ha1 using the same method as described in step 501 of Fig. 16. At step 512, hash
vectors H1 and H2 are calculated from HASH1 using the same method as described in step 502 of Fig. 16.
At step 513, variant keys KM + H1 and KM + H2 are calculated from master key KM and hash vectors H1
and H2 using the same method as described in step 503 of Fig. 16. At step 514, the encrypted key record,
eKM + H1(key record), supplied as input at 510 is decrypted with variant key KM + H1 to produce the clear
value of key record. The method of decryption at step 514 of Fig. 17 is just the inverse operation of
encryption at step 504 of Fig. 16. At step 515, a hash value HASH2 is calculated on key record using hash
algorithm ha2. Step 515 of Fig. 17 is the same as step 505 of Fig. 16. At step 516, the encrypted KAR,
eKM + H2(KAR), supplied as input at 510, is decrypted with variant key KM + H2 to produce the clear value
of KAR. The method of decryption at step 516 of Fig. 17 is just the inverse operation of encryption at step
506 of Fig. 16. At step 517, the generated KAR is compared for equality with the decrypted KAR. If equal,
then a return code is set equal to "success". If unequal, then a return code is set equal to "failure" and key
record is set equal to null (i.e., the recovered key record is erased). At step 518, the values of (a) return
code and (b) key record are returned as outputs. If the key record authenticates properly, it is returned as
an output at step 518. Otherwise a null value is returned. Those skilled in the art will recognize that there
are other ways in which the output values can be returned or not returned. The intent here is for key record
decrypt algorithm 13 to return the recovered key record when it authenticates properly and to not return it
when it does not authenticate properly. The return code could be omitted from the design, if desired,
provided that a protocol is adopted wherein the key record has a special reserved value, say zero, to
indicate a failure condition (a nonzero value indicates success).
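The following is an added worked example, not code from the patent, of steps 501-507 of Fig. 16 and 511-518 of Fig. 17 for a 128-bit master key. The hash-vector bit rules, the variant keys KM + H1 and KM + H2 and the KAR comparison follow the text; the MDC-2 hash and DEA in CBC mode are replaced by stand-ins (SHA-256 truncated to 128 bits, and an HMAC-SHA256 keystream), and the master key, control vector and key record are constructed sample values.

```python
import hashlib
import hmac

# Constructed stand-ins (not the patent's algorithms): SHA-256 truncated to 128 bits replaces the
# MDC-2 hash (ha1/ha2), and an HMAC-SHA256 counter-mode keystream replaces DEA in CBC mode.
# The hash-vector derivation and the KAR check follow steps 501-507 and 511-518 as written.


def hash128(data: bytes) -> bytes:
    """Stand-in for the 128-bit MDC-2 hash of Fig. 5 (used as both ha1 and ha2)."""
    return hashlib.sha256(data).digest()[:16]


def get_bit(buf: bytes, pos: int) -> int:
    """Bit `pos` of buf, with bit 0 the most significant bit of byte 0 (the patent's numbering)."""
    return (buf[pos // 8] >> (7 - pos % 8)) & 1


def set_bit(buf: bytearray, pos: int, value: int) -> None:
    byte, off = divmod(pos, 8)
    mask = 0x80 >> off
    buf[byte] = (buf[byte] | mask) if value else (buf[byte] & (0xFF ^ mask))


def hash_vector_h1(hash1: bytes) -> bytes:
    """Step 502: derive the hash vector H1 from the 128-bit HASH1."""
    h = bytearray(hash1)
    set_bit(h, 30, 0)    # anti-variant bit
    set_bit(h, 38, 1)    # anti-variant bit
    set_bit(h, 45, 1)    # bits 45..46 = B'10': derived from a "long" control vector
    set_bit(h, 46, 0)
    set_bit(h, 62, 0)    # B'0': H1 is associated with a key record
    for i, b in enumerate(h):
        # step 5: set b7 (the low-order bit of each byte) so the byte has even parity
        high7 = b & 0xFE
        h[i] = high7 | (bin(high7).count("1") & 1)
    return bytes(h)


def hash_vector_h2(h1: bytes) -> bytes:
    """Derive H2 from H1: bit 62 = B'1' (key authenticator record), bit 63 (parity) inverted."""
    h = bytearray(h1)
    set_bit(h, 62, 1)
    h[7] ^= 0x01
    return bytes(h)


def variant_key(km: bytes, h: bytes) -> bytes:
    """Step 503: KM + H is the Exclusive-OR product of the master key and a hash vector."""
    return bytes(a ^ b for a, b in zip(km, h))


def keystream_crypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream (it is its own inverse)."""
    out = bytearray()
    for n, i in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, n.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def key_record_encrypt(km: bytes, key_record: bytes, control_vector: bytes):
    """Fig. 16: returns (eKM+H1(key record), eKM+H2(KAR))."""
    h1 = hash_vector_h1(hash128(control_vector))              # steps 501-502
    h2 = hash_vector_h2(h1)
    km_h1, km_h2 = variant_key(km, h1), variant_key(km, h2)   # step 503
    enc_record = keystream_crypt(km_h1, key_record)           # step 504
    kar = hash128(key_record)                                 # step 505: KAR = HASH2
    enc_kar = keystream_crypt(km_h2, kar)                     # step 506
    return enc_record, enc_kar


def key_record_decrypt(km: bytes, control_vector: bytes, enc_record: bytes, enc_kar: bytes):
    """Fig. 17: returns ("success", key record) or ("failure", None)."""
    h1 = hash_vector_h1(hash128(control_vector))              # steps 511-512
    h2 = hash_vector_h2(h1)
    km_h1, km_h2 = variant_key(km, h1), variant_key(km, h2)   # step 513
    key_record = keystream_crypt(km_h1, enc_record)           # step 514
    computed_kar = hash128(key_record)                        # step 515
    recovered_kar = keystream_crypt(km_h2, enc_kar)           # step 516
    if hmac.compare_digest(computed_kar, recovered_kar):      # step 517
        return "success", key_record
    return "failure", None                                    # step 518: key record erased


if __name__ == "__main__":
    # Constructed sample values: a 128-bit master key, a 160-bit ("long") control vector, a key record.
    KM = bytes(range(16))
    CV = b"\x00" * 8 + b"\x80\x00\x00\x00" + b"\x00" * 8
    RECORD = b"parse|Ctl|PR1-bytes|PR2-bytes"
    enc_record, enc_kar = key_record_encrypt(KM, RECORD, CV)
    print(key_record_decrypt(KM, CV, enc_record, enc_kar))                          # ('success', RECORD)
    # A control vector altered to claim different permitted uses changes H1 and H2, so the
    # record decrypts to garbage and the KAR check fails: the key is not released.
    print(key_record_decrypt(KM, bytes([CV[0] ^ 1]) + CV[1:], enc_record, enc_kar))  # ('failure', None)
```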

Fig. 18 is a block diagram illustration of a second embodiment of the key record encrypt algorithm 12.
The second embodiment of the invention covers the case where the cryptographic system implements a
commutative asymmetric key algorithm, and where the master key is an asymmetric key pair (PUO,PRO).
Master public key PUO is used to encrypt key records and to verify digital signatures. Master private key
PRO is used to decrypt key records and to generate digital signatures. Referring now to Fig. 18, the inputs
(a) key record and (b) control vector are read at step 520. Key record is the key record to be encrypted and
control vector is key-related data, or data related to the key stored in key record. Control vector is the same
control vector stored in the key token, as described in Fig. 11. At step 521, the key record supplied as input
at 520 is encrypted with public master key PUO to produce the encrypted key record value ePUO(key
record). Since the length of key record may be greater than the block size (or modulus size) of the
asymmetric key algorithm, an encryption means must be employed to handle "long" key records. One
approach is to use a means similar to Cipher Block Chaining (CBC) mode, as defined for the DEA. In this
case, key record is divided into blocks whose length is such that each block can be encrypted with the
asymmetric key algorithm. After each step of encryption, the so-produced ciphertext block is Exclusive-
ORed with the next block of input plaintext in key record. Those skilled in the art will appreciate that there
are many ways in which the encryption with PUO can be performed and that these various alternate means
do not depart from the spirit of the invention. At step 522 control vector and key record are concatenated to
form an intermediate value called HA-IN. At step 523, a hash value HASH2 is calculated on HA-IN using
hash algorithm ha2. For example, hash algorithm ha2 may be the MDC-2 algorithm of Fig. 5 and HASH2 a
128-bit MDC value. The value HASH2 is for practical purposes defined to be the key authenticator record
(KAR). However, the KAR may contain additional data besides HASH2. At step 524, KAR is decrypted with
private master key PRO to produce dPRO(KAR). In public key cryptography, the ciphertext dPRO(KAR) is
called a digital signature. In this case, dPRO(KAR) is a digital signature on HA-IN (the concatenation of
control vector and key record). At step 525, the calculated values (a) ePUO(key record) and (b) dPRO(KAR)
are returned as outputs.

Fig. 19 is a block diagram illustration of a second embodiment of the key record decrypt algorithm 13.
The second embodiment of the invention covers the case where the cryptographic system implements a
commutative asymmetric key algorithm, and where the master key is an asymmetric key pair (PUO,PRO).
Master public key PUO is used to encrypt key records and to verify digital signatures. Master private key
PRO is used to decrypt key records and to generate digital signatures. The key record encrypt algorithm 12
of Fig. 18 and the key record decrypt algorithm 13 of Fig. 19 are inverse algorithms, i.e., key records
encrypted with key record encrypt algorithm 12 of Fig. 18 are decrypted with key record decrypt algorithm
13 of Fig. 19. Referring now to Fig. 19, the inputs (a) control vector, (b) ePUO(key record), and (c)
dPRO(KAR) are read at step 530. Control vector is key-related data, or data related to the key stored in key
record. Control vector is the same control vector stored in the key token, as described in Fig. 11. ePUO(key
record) and dPRO(KAR) are values produced by the key record encrypt algorithm 12 of Fig. 18. At step 531,
the encrypted key record, ePUO(key record), supplied as input at 530 is decrypted with private master key
PRO to produce a clear key record. The step of decryption is just the inverse operation of encryption
performed at step 521 of Fig. 18. At step 532, control vector supplied as input at 530 and key record
recovered at 531 are concatenated to form an intermediate value called HA-IN. Step 532 is just the same as
step 522 in Fig. 18. At step 533, a hash value HASH2 is calculated on HA-IN using hash algorithm ha2. The
value HASH2 is for practical purposes defined to be the key authenticator record (KAR). However, the KAR
may contain additional data besides HASH2. Step 533 is just the same as step 523 in Fig. 18. At step 534,
the decrypted KAR, dPRO(KAR), is encrypted with public master key PUO to produce a clear value of KAR
(called the recovered KAR). Note that this is the step that requires the asymmetric key algorithm be
commutative. At step 535, the generated KAR is compared for equality with the recovered KAR. If equal,
then a return code is set equal to "success". If unequal, then a return code is set equal to "failure" and key
record is set equal to null (i.e., the recovered key record is erased). At step 536, the values of (a) return
code and (b) key record are returned as outputs. If the key record authenticates properly, it is returned as
an output at step 536. Otherwise a null value is returned. Those skilled in the art will recognize that there
are other ways in which the output values can be returned or not returned. The intent here is for key record
decrypt algorithm 13 to return the recovered key record when it authenticates properly and to not return it
when it does not authenticate properly. The return code could be omitted from the design, if desired,
provided that a protocol is adopted wherein the key record has a special reserved value, say zero, to
indicate a failure condition (a nonzero value indicating success).

Those skilled in the art will recognize that step 521 in Fig. 18 could make use of a decryption operation
using the public master key PUO and step 531 of Fig. 19 could likewise make use of an encryption
operation using the private master key PRO. In like manner, step 524 in Fig. 18 could make use of an
encrypt operation using private master key PRO and step 534 of Fig. 19 could make use of a decrypt
operation using public master key PUO, as long as both the public key PUO and private key PRO remain
secret. In fact, the choice of encrypt or decrypt at step 521 of Fig. 18 is independent of the choice of
encrypt or decrypt at step 524 of Fig. 18, so that alternate embodiments of the invention can make use of
these alternate schemes of encryption versus decryption or decryption versus encryption. And those skilled
in the art will recognize that these alternate embodiments do not depart from the spirit of the invention.

Those skilled in the art will also recognize that the key record encrypt algorithm 12 of Fig. 18 and the
key record decrypt algorithm 13 of Fig. 19 could make use of a symmetric master key KM instead of a
public and private master key (PUO, PRO). In that case, all operations performed with PUO and PRO are
instead performed with KM. In an alternate approach, variant keys KM1 and KM2 (not equal to KM1) can be
used as the master key. In this case, KM1 is used in place of PUO and KM2 is used in place of PRO. This
provides a form of cryptographic separation between the encryption and authentication components of the
design. Thus, encryption of the key record is performed with KM1 and encryption of the KAR is performed
with KM2. Those skilled in the art will appreciate that these alternate embodiments do not depart from the
spirit of the invention.

Fig. 20 shows a functional block diagram of the cryptographic facility 30, for recovering a plurality of
public and/or private keys from a key token for use in a plurality of public key algorithms, in response to a
plurality of diverse cryptographic service requests. In particular, Fig. 20 depicts how two private keys, PR1
and PR2, can be recovered from a key token accessed from the cryptographic key data set CKDS 32 for
use in two different public key algorithms, to fulfill two different cryptographic service requests. The first
request R1 is to import the encrypted DEA key ePU1(key1), which was encrypted under a first public key
PU1, and decrypt the key under the corresponding private key PR1 to obtain key1, using a first public key
algorithm A1. The second request R2 is to generate a digital signature from Data2 under a second private
key PR2, using a second public key algorithm A2.

The key token is input from the CKDS on line 50 to the key token register 700, with the header portion
in the component register 704 and the concatenated control vector CV, encrypted key record
eKM + H1(parse,Ctl,PR1,PR2) and encrypted key authentication record eKM + H2(KAR) in the component
register 702. The header in register 704 defines the beginning and ending of the control vector, the
encrypted key record and the encrypted key authentication record in register 702. The header register 704
output is connected to a control input of the multiplexor 706, which separates the control vector for output
over line 17 to the control vector register 708, which separates the encrypted key record for output to the
encrypted key record register 710 and which separates the encrypted key authentication record for output
to the encrypted key authentication register 712.

The control vector checker 714 receives the control vector CV from the register 708. If the Import DEA
Key request R1 is the cryptographic service request which has been made, then the control vector checker
receives R1 and performs the checking operations on CV to ensure that the key record contains a key
which is permitted to be applied to this use. If CV satisfies the control vector checker 714, then an enabling
signal "ok" is sent to the gate 716, whose data input is connected to the output of the control vector register
708, passing CV to the control vector input of the key record decrypt algorithm 718 and 720. If CV fails to
pass the checks by the control vector checker 714, then the process is aborted.

Alternately, if the Generate Digital Signature request R2 is the cryptographic service request which has
been made, then the control vector checker receives R2 and performs the checking operations on CV to
ensure that the key record contains a key which is permitted to be applied to this use. If CV satisfies the
control vector checker 714, then an enabling signal "ok" is sent to the gate 716, whose data input is
connected to the output of the control vector register 708, passing CV to the control vector input of the key
record decrypt algorithm 718 and 720. If CV fails to pass these checks by the control vector checker 714,
then the process is aborted.

The key record decrypt algorithm 13 in the flow diagram of Fig. 17 is executed by the functional blocks
718, 720, 722, 724, and 726 of Fig. 20. Two functional blocks, 718 and 720, are arranged in parallel and are
labeled "Key Record Decrypt Algorithm" in Fig. 20, to provide a clear description of the decryption
operations on the encrypted key record and on the encrypted key authentication record. However, in the
preferred embodiment of the invention, the two functional blocks 718 and 720 would be combined into a
single Key Record Decrypt Algorithm which would operate sequentially on the encrypted key record and on
the encrypted key authentication record. Doing so enables second hash vector H2 to be produced from first
hash vector H1 by changing only a single bit in H1. The key record decrypt algorithm 718 receives CV and
performs the hashing operation described in steps 511 and 512 of Fig. 17, producing the hash vector H1.
The master key KM is input from register 15 and the exclusive OR product with H1 is formed, yielding the
variant key KM + H1, as described in step 513 of Fig. 17. The second key record decrypt algorithm 720
receives CV and performs the hashing operation described in steps 511 and 512 of Fig. 17, producing the
second hash vector H2. The master key KM is input from register 15 and the exclusive OR product with H2
is formed, yielding the second variant key KM + H2, as described in step 513 of Fig. 17. The first key record
decrypt algorithm 718 then uses the variant key KM + H1 to decrypt the encrypted key record, as described
in step 514 of Fig. 17, yielding the key record (parse,Ctl,PR1,PR2). The key record from key record decrypt
algorithm 718 is input to the hash algorithm 724, to produce the computed key authentication record (KAR),
as described in step 515 of Fig. 17. Then the computed key authentication record (KAR) is input to a first
side of the comparator 726. The second key record decrypt algorithm 720 uses the variant key KM + H2 to
decrypt the encrypted key authentication record, as described in step 516 of Fig. 17, yielding the key
authentication record KAR. Then the key authentication record KAR is input to a second side of the
comparator 726. If the comparator 726 determines that the computed (KAR) is equal to the decrypted KAR,
then an enabling signal "yes" is output to a control input of the gate 722, to pass the key record
(parse,Ctl,PR1,PR2) from the first key record decrypt algorithm 718 to the key record register 728.

The key record is input to the key record register 728 over line 18, with the parse data in a first
component register 730 and the concatenated control information Ctl, first private key PR1 and second
private key PR2 in a second component register 732. The parse data in register 730 defines the beginning
and ending of the control information Ctl, the first private key PR1 and the second private key PR2 in
register 732. The parse data register 730 output is connected to a control input of the multiplexor 734,
which separates the control information Ctl for output through register 736 to the public key algorithms 10
and 10', which separates the first private key PR1 for output through register 738 to the gate 742 and which
separates the second private key PR2 for output through register 740 to the gate 744.

Gate 742 has a control input connected to receive the Import DEA Key request signal R1, which
enables the passing of the first private key PR1 to the first public key algorithm A1 at 10. The encrypted
DEA key ePU1(key1), which was encrypted under a first public key PU1, is input to the operand input of the
first public key algorithm A1. The control information Ctl input to the first public key algorithm A1 describes
the key type for the first private key PR1 (i.e., specifies PR1 is a decryption key). Using the first private key
PR1, the public key algorithm A1 at 10 decrypts the encrypted DEA key ePU1(key1), which was encrypted
under a first public key PU1, to obtain the clear text key1.

Gate 744 has a control input connected to receive the Generate Digital Signature request signal R2,
which enables the passing of the second private key PR2 to the second public key algorithm A2 at 10'. The
clear text Data2 expression is input to the operand input of the second public key algorithm A2. The control
information Ctl input to the second public key algorithm A2 describes the key type for the second private
key PR2 (i.e., specifies PR2 is a decryption key). Using the second private key PR2, the public key
algorithm A2 at 10' "decrypts" the clear text Data2 expression to obtain the requested digital signature.

Alternate embodiments of the functional block diagram of Fig. 20 can include providing a single key
record decrypt algorithm which sequentially performs the functions of algorithms 718 and 720. Another
alternate embodiment can include providing a single public key algorithm which sequentially performs the
functions of algorithms 10 and 10'. Another alternate embodiment can include storing key1 in a key block
and receiving and processing the key in the encrypted form ePU1(key block). In that case, the output from
public key algorithm A1 is a key block containing key1. Another alternate embodiment eliminates the
control information in the key record specifying that the key is a private key or a public key. Instead, the
public key algorithms A1 and A2 include a control line indicating encryption or decryption, which is set by
cryptographic facility 30 on the basis of the type of cryptographic operation requested. For example, for
requests R1 and R2, cryptographic facility 30 will know that the key record contains a private key and that
decryption with the private key is required. Thus, a decryption signal can be sent on the control line to the
public key algorithms A1 and A2.

Key Tokens and Key Units: Thus far the described invention has taught that a key token is produced within
the cryptographic facility (CF) 30 from a control vector and a key record, as shown in Fig. 21, and the so-
produced key tokens are stored outside CF 30 in a cryptographic key data set 32. Referring to Fig. 21, a
key record 401 and associated control vector 400 are stored either in an internal key token 403 or an
external key token 404. That is, a key token is either an internal key token (also referred to as a key token,
i.e., without the modifier 'internal') or an external key token. An Internal Key Token 403 consists of a header
405, a control vector 406, an encrypted key record 407, and an encrypted authenticator 408. The
encrypted key record 407 and encrypted authenticator record 408 are produced via key record encrypt
algorithm 402, using as inputs control vector 400 and key record 401. Control vector 406 in internal key
token 403 is just a copy of control vector 400, which is the control vector associated with key record 401.
Key record encrypt algorithm 402 is the same key record encrypt algorithm 12 of Fig. 15. An External Key
Token 404 consists of a header 409, a control vector 410, and a key record 411 (i.e., a clear key record).
Control vector 410 in external key token 404 is just a copy of control vector 400, which is the control vector
associated with key record 401. A key record is either a public key record (i.e., PU key record) or a private
key record (i.e., PR key record). Likewise, an internal key token is either an internal PU key token or an
internal PR key token, depending on whether the key token contains a PU key record or a PR key record,
respectively, and an external key token is either an external PU key token or an external PR key token,
depending on whether the key token contains a PU key record or a PR key record, respectively.

However, it may be advantageous to permit the cryptographic facility access program (CFAP) 34 to
store key-related information in the key token, not directly available to the CF 30 and therefore not
convenient or possible for the CF 30 to store in the key token. Thus, it may be more practical for the CFAP
34 to add certain information fields to the key token once the key token is returned to the CFAP 34 as an
instruction output. In such situations where the CFAP is permitted to add information to the key token, a
new set of terminology is introduced, as illustrated in Fig. 22. Thus, the internal key token 403 in Fig. 21
becomes internal key unit 423 in Fig. 22, and external key token 404 in Fig. 21 becomes external key unit
435 in Fig. 22. Likewise, control vector 400, key record 401, and key record encrypt algorithm of Fig. 21 are
just control vector 420, key record 421, and key record encrypt algorithm 422 of Fig. 22. Likewise, header
405, control vector 406, encrypted key record 407 and encrypted authenticator record 408 of Fig. 21 are just
header 425, control vector 426, encrypted key record 427, and encrypted authenticator record 423 of Fig.
22. Likewise header 409, control vector 410 and key record 411 of Fig. 21 are just header 429, control
vector 430 and key record 431 of Fig. 22. Referring again to Fig. 22, internal key token 434 contains IKU
423 as well as other data 432 supplied by CFAP 34. Likewise, external key token 435 contains EKU 424 as
well as other data 433 supplied by CFAP 34. Where convenient, the terminology IKU (i.e., internal key unit)
and EKU (i.e., external key unit) will be used in lieu of internal key token and external key token when it is
necessary to refer to quantities produced by CF 30.
Public Key Cryptographic Design: Full features and apparatus of the invention, which is referred to herein as
the Public Key Cryptographic Design (PKCD), are now described. The reader will appreciate that the
methods used for key record encryption and decryption described earlier are essential for coupling the
usage control to a key in a public key cryptosystem. The reader will also notice that although alternate
embodiments have been discussed earlier for key record encryption and decryption, only the first
embodiment of Fig. 16 and Fig. 17 is incorporated in the PKCD.

COMPONENTS OF THE CRYPTOGRAPHIC FACILITY 

The Cryptographic Facility contains three major components:
o Instruction Processor 
o Cryptographic Algorithms 
o CF Environment 

INSTRUCTION PROCESSOR

Fig. 23 is a block diagram illustration of the components of the Instruction Processor. They are: 
o INSTRUCTIONS: The CF instructions are invoked at the CFAP-To-CF interface. They provide the
  following cryptographic services to the CFAP:
    System Digital Signatures
    Application Digital Signatures
    Key Management
    CKDS Update
    CF Backup
    CF Audit
    CF Initialization
    CF Configuration
    CF Control
    Utility

o INTERNAL ROUTINES: The internal routines are invoked only from within the CF. Collectively they
  represent a set of algorithms and processing functions that are common to many CF instructions. The
  internal routines have been specified to simplify the architectural description and definition, and to
  make each instruction's functional specification precise and less apt to contain errors and ambiguities.
  Although the internal routines are an integral part of the instruction functional specifications, an
  implementer may elect to implement the instructions and internal routines in a way that best suits or
  optimizes the particular implementation.
o CONFIGURATION TABLE: The Configuration Table is a collection of constants that may vary in value
  from one implementation to another. The Configuration Table permits the Instructions and Internal
  Routines to be defined in a more general and open-ended way. Unlike the CF Environment, the
  Configuration Table is an integral part of the CF (e.g., hardware or ROS microcode).

Fig. 24 is a block diagram illustration of the elements in the Configuration Table. 

CRYPTOGRAPHIC ALGORITHMS 

Fig. 25 is a block diagram illustration of the main components of Cryptographic Algorithms of the CF.

The Cryptographic Algorithms components are these: 
o DATA ENCRYPTION ALGORITHM (DEA): The DEA is described in the American National Standards 
Institute (ANSI) Data Encryption Algorithm (DEA) X3.92-1981. The DEA is a symmetric algorithm 
which encrypts or decrypts a 64 bit input with a 64 bit key to produce a 64 bit output. The 64 bit key 
50 specified to the algorithm consists of 56 key bits used by the algorithm and 8 non-key bits, which 

optionally may be used for error detection. According to ANSI X3.92-1981, the 8 non-key bits MAY be 
used for error detection.. On the other hand, according to FIPS PUB 46, the 8 non-key bits SHALL be 
used for error detection and more specifically the error detection is based on byte-by-byte odd parity. 
Although the Symmetric Key Cryptographic Algorithm can be an optional component of the Cryp- 
55 tographic algorithms 144 shown in Fig. 15, the DEA is a required component in the PKCD, as it is 

needed for key record encryption and decryption, 
o PUBLIC KEY ALGORITHM (PKA): PKA is a generic term referring to one of several possible public key algorithms. The PKCD does not specify the use of a particular PKA. However, the PKA must permit key distribution to be based on a key server concept wherein a DEA key, randomly generated and encrypted with a public key of a receiving device, is served to a receiving device where it is decrypted with the private key of the receiving device and reencrypted under the master key. The PKA must also permit generation and verification of digital signatures. A digital signature is produced by decrypting a signature record, containing a hash value, with a private key. A digital signature is verified by encrypting the signature with a public key and comparing hash values. The PKCD also permits key distribution with a first PKA and digital signatures to be implemented with a second PKA.
o PUBLIC KEY ALGORITHM KEY GENERATOR (PKAKG): PKAKG is a separate algorithm for the 
generation of keys used by the PKA. 
Besides the main components, there are lower level algorithms, such as Key Record Encryption and Key Record Decryption algorithms needed for frequent encryption and decryption of public and private keys, as discussed earlier.



CF ENVIRONMENT 
Fig. 26 is a block diagram illustration of the components of the CF Environment.
The CF Environment components are these: 
o CONFIGURATION VECTOR: The configuration vector is a collection of encoded fields that limit or restrict the operation of the cryptographic facility. The configuration vector is set to a default value via execution of the Enter Initialization State (EIS) instruction, or it may be set to an installation-specified value via execution of the Load Configuration Vector (LCV) instruction.
o STATE VECTOR: The state vector is a collection of flags and state variables that define the current 
state of the cryptographic facility. The state vector is used by the instruction processor to control the 
order in which PKCD instructions are executed. 
o REGISTERS: The registers contain space for the storage of PKCD cryptovariables, including keys, MDC values, internal counters, identifiers, and control vectors.
o MDC TABLE: The MDC table contains space for the storage of Modification Detection Codes (MDCs) 
used by the Import Public Key (IPUK) instruction to import External Key Units. Each table entry is an 
MDC calculated on an External Key Unit using a hash algorithm. 
o COUNTER TABLE: The Counter table contains space for the storage of counters, where each counter is associated with a particular PKCD instruction. Counter(i) contains a value "n" from 1 to 255, set by the SEF instruction, which represents the number of times instruction "i" is permitted to be executed.
o CFPKR1-LENGTH: The length of cfpkr1 in 8-byte blocks. cfpkr1 is stored in the PUA Buffer and contains the Public Device Authentication Key (PUA).
o PUA BUFFER: The PUA buffer contains space for the storage of cfpkr1, which contains PUA. The PUA buffer is used only by the PKCD instructions.
o CFPKR2-LENGTH: The length of cfpkr2 in 8-byte blocks. cfpkr2 is stored in the PRA Buffer and contains the Private Device Authentication Key (PRA).
o PRA BUFFER: The PRA buffer contains space for the storage of cfpkr2, which contains PRA. The PRA buffer is used only by the PKCD instructions.

o SECRET PRODUCT ENVIRONMENT LENGTH: The length of the secret product environment in bytes.

o SECRET PRODUCT ENVIRONMENT: The secret product environment consists of a set of the secret cryptographic variables unique to a product or implementation. That is, secret cryptographic variables not specified by PKCD but needed by a product.

o NONSECRET PRODUCT ENVIRONMENT LENGTH: The length of the nonsecret product environment in bytes.

o NONSECRET PRODUCT ENVIRONMENT: The nonsecret product environment consists of a set of the nonsecret cryptographic variables unique to a product or implementation. That is, nonsecret cryptographic variables not specified by PKCD but needed by a product.

o EKU LENGTH: The length in bytes of the EKU in the EKU buffer. 

o EKU BUFFER: A buffer for the temporary storage of an External Key Unit (EKU) (e.g., an EKU loaded into the CF via an interface other than the CFAP-to-CF interface).
o GKSP SAVE: A field used by process-mode = 1 of the Generate Key Set Pair (GKSP) instruction to save information needed by process-mode = 2 of the GKSP instruction.

o GKSP BUFFER LENGTH: The length of GKSP Buffer in bytes.
o GKSP RECORD LENGTH: The length of record or block in GKSP Buffer in bits.
o GKSP BUFFER FLAG: A flag indicating the status of the record or block in GKSP Buffer, as follows:
- 4-255 : reserved
- 3 : GKSP Buffer contains a record of unspecified format that must be processed to produce a keyblk which is then encrypted.
- 2 : GKSP Buffer contains a keyblk of unspecified format that needs only to be encrypted.
- 1 : GKSP Buffer contains a CF DEA Key Record.
- 0 : GKSP Buffer is empty.

o GKSP TICKET: An 8-byte pseudorandom value generated via execution of process-mode = 1 of the GKSP instruction.

o GKSP BUFFER: A buffer for the storage of a key record or key block. 
o IDK SAVE: A field used by process-mode = 1 of the Import DEA Key (IDK) instruction to save information needed by process-mode = 2 of the IDK instruction.

o IDK BUFFER LENGTH: The length of IDK Buffer in bytes. 

o IDK RECORD LENGTH: The length of record or block in IDK Buffer in bits. 

o IDK BUFFER FLAG: A flag indicating the status of the record or block in IDK Buffer, as follows:
- 4-255 : reserved
- 3 : IDK Buffer contains a record of unspecified format recovered from a keyblk of specified format recovered by process-mode = 1 of the IDK instruction by decrypting ePUM(keyblk).
- 2 : IDK Buffer contains a keyblk of unspecified format recovered by process-mode = 1 of the IDK instruction by decrypting ePUM(keyblk).
- 1 : IDK Buffer contains a CF DEA Key Record.
- 0 : IDK Buffer is empty.
o IDK TICKET: An 8-byte pseudorandom value generated via execution of process-mode = 1 of the IDK instruction.
o IDK BUFFER: A buffer for the storage of a key record or key block.


CONFIGURATION VECTOR 

The configuration vector has the following specification:
CONFIGURATION VECTOR:
bits
00..07 Version Number
X'00' : reserved
X'01' : PKCD
X'10' - X'FF' : reserved
08..151 DEFINE field
The DEFINE field is a vector indexed as DEFINE(i) for i = 0,1,...,143.
For i = 0,1,...,109 DEFINE(i) is reserved.
For i = 110,111,...,143 DEFINE(i) pertains to the instructions of the PKCD.
DEFINE(i) for i = 110,...,143 has the following meaning:
B'1' : instruction is defined to the CF in the "run" state
B'0' : instruction is not defined to the CF in the "run" state
Note: DEFINE(i) for i = 110,...,143 pertains only to execution of instructions in the "run" state.
A list of the instructions and their corresponding indices is provided in Fig. 27.


152..295 AUTH CONTROL field
The AUTH CONTROL field is a vector indexed as AUTH CONTROL(i) for i = 0,1,...,143.
For i = 0,1,...,109 AUTH CONTROL(i) is reserved.
For i = 110,...,143 AUTH CONTROL(i) pertains to the instructions of PKCD.
AUTH CONTROL(i) has the following meaning:
B'1' : the LCV instruction sets AUTH(i) = B'1' and ENABLE(i) = B'11' (i.e., "authorization required" & "disabled").
B'0' : the LCV instruction sets AUTH(i) = B'0' and ENABLE(i) = B'00' (i.e., "authorization not required" & "enabled").
A list of the instructions and their corresponding indices is provided in Fig. 27.

296 CERTIFICATION
B'1' : certification center (the device can act as a certification center)
B'0' : not a certification center (the device cannot act as a certification center). This means the following: Generate Public and Private Key Pair (GPUPR) cannot generate a certification key pair; a PRC key cannot be used with the Generate Digital Signature (GDS), Generate Application Digital Signature (GADS), and/or Export Public Key (EPUK) instructions to generate a digital signature.

297 KMP RELOAD
B'1' : if CKMP HISTORY in state vector = 0, then KMP-mode = 1 must be specified in the ECFER instruction (i.e., the PKA Key Encrypting Master Key (KMP) must be reloaded at the receiving device).
B'0' : no restrictions
Note that this field pertains only to the ECFER instruction.

298 KM RELOAD
(reserved for future use)
If CKM HISTORY in state vector = 0, then KM-mode = 1 must be specified in the ECFER instruction (i.e., the DEA key encrypting master key KM must be reloaded at the receiving device).
No restrictions.
Note: this field pertains only to the ECFER instruction. Note: the LCV instruction sets this bit = B'0', which guarantees that present systems shall be compatible with future releases implementing the KM RELOAD bit.

299..300 FLOOR-MDC field
The FLOOR-MDC field specifies the following:
a. The minimum THRES-MDC value that may be specified in the PRM control vector in the GPUPR instruction.
b. The minimum HIST-MDC value in the PUA control vector that can be processed by the ECFER and ICFER instructions.
The FLOOR-MDC field has the following meaning:
B'11' : The referenced THRES-MDC or HIST-MDC must have a value = B'11'.
B'10' : The referenced THRES-MDC or HIST-MDC must have a value ≥ B'10'.
B'01' : The referenced THRES-MDC or HIST-MDC must have a value ≥ B'01'.
B'00' : reserved
Note that the FLOOR-MDC field controls the processing of PU keys in the GPUPR, ECFER, and ICFER instructions.

301..302 KMGT PROTOCOL (i.e., key management protocol via the GKSP and IDK instructions).
B'11' : CKMGT & PKMGT (i.e., certification center and private key management protocols are enabled).
B'10' : CKMGT (i.e., certification center key management protocol is enabled)
B'01' : PKMGT (i.e., private key management protocol is enabled)
B'00' : none
Notes:
a) KMGT PROTOCOL = B'11' means that the key-management-protocol parameter in the GKSP and IDK instructions may be 0 or 1.
b) KMGT PROTOCOL = B'10' means that the key-management-protocol parameter in the GKSP and IDK instructions may only be 1.
c) KMGT PROTOCOL = B'01' means that the key-management-protocol parameter in the GKSP and IDK instructions may only be 0.
d) KMGT PROTOCOL = B'00' means that key management via the GKSP and IDK instructions is not permitted.

303..304 BKUP PROTOCOL (i.e., protocol for CF-environment backup via the ECFER and ICFER instructions).
B'11' : PBKUP (private protocol, i.e., no restriction on how PUA is imported)
B'10' : CBKUP2 (certification center protocol where the PUA control vector has HIST-CHAIN = 3)
B'01' : CBKUP1 (certification center protocol where the PUA control vector has HIST-CHAIN = 2)
B'00' : no backup permitted
Note that the specification matches that of the protocol-mode parameter in the ECFER and ICFER instructions.
The BKUP PROTOCOL field is valid only when DEFINE(ECFER) = B'1' or DEFINE(ICFER) = B'1'.
305 KREG field



The KREG field defines the key registration mode or modes permitted for certification center key management and for certification center backup, as follows:
1 : restricted mode
0 : unrestricted mode
Note: the meanings attached to restricted mode and unrestricted mode are specified by the network, i.e., set forth according to network security policy.
For example, the certification center could define restricted mode such that the conditions in (a) or (b) must be satisfied, as follows:
(a) PUM key registration is performed in a physically secure environment; KMP is loaded into the device by trusted personnel using the LFPMKP and CPMKP instructions or KMP is internally generated using the GNPMK instruction.
(b) PUM key registration is not performed in a physically secure environment, but the External Key Unit containing PUM (sent to the certification center for registration) is signed with a PRA key which has been independently validated by the certification center as originating from within the said device. KMP is internally generated using the GNPMK instruction.
Both (a) and (b) represent very 'high security' modes.



306 INTERCHANGE
B'1' : interchange (the device can act as an interchange device). A PRA, PRM, and PRU key can be used with the GDS instruction to generate digital signatures.
B'0' : not interchange (the device cannot act as an interchange device). A PRA, PRM, and PRU key cannot be used with the GDS instruction to generate digital signatures.


307..308 SIG-COMPATIBILITY field 



The SIG-COMPATIBILITY field is a vector indexed as SIG-COMPATIBILITY(i) for i = 0 and 1.
For i = 0, SIG-COMPATIBILITY(i) pertains to the IPUK instruction.
For i = 1, SIG-COMPATIBILITY(i) pertains to the IDK instruction.
SIG-COMPATIBILITY(i) has the following meaning:
B'1' : the instruction does not require CF authentication of system signatures.
B'0' : the instruction requires CF authentication of system signatures.
309..511 reserved, set = 203 B'0'.



DEFAULT CONFIGURATION VECTOR 



The default configuration vector is the value of the configuration vector automatically set via execution of an EIS instruction. The value of the default configuration vector in 8 groups of 16 hexadecimal digits per group is as follows:
1. X'01FFFFFFFFFFFFFF'
2. X'FFFF0000000003FF'
3. X'FFFFFF0000000000'
4. X'0000000000000000'
5. X'00000000000E0000'
6. X'0000000000000000'
7. X'0000000000000000'
8. X'0000000000000000'

The default configuration vector has the following specification:
DEFAULT CONFIGURATION VECTOR:

bits        value             field
00..07      (= B'00000001')   Version Number
08..151                       DEFINE
  08..79    (= 72 B'1')       reserved
  80..117   (= 38 B'0')       reserved
  118..151  (= 34 B'1')       PKCD instructions (VADS thru VIKU)
152..295    (= 144 B'0')      AUTH CONTROL
296         (= B'0')          CERTIFICATION (not certification center)
297         (= B'0')          KMP RELOAD (no restrictions)
298         (= B'0')          KM RELOAD (no restrictions)
299..300    (= B'01')         FLOOR-MDC field (the referenced THRES-MDC or HIST-MDC must have a value ≥ B'01')
301..302    (= B'11')         KMGT PROTOCOL (CKMGT and PKMGT modes)
303..304    (= B'00')         BKUP PROTOCOL (backup not permitted)
305         (= B'0')          KREG field (unrestricted mode)
306         (= B'0')          INTERCHANGE (not an interchange)
307         (= B'0')          SIG-COMPATIBILITY(IPUK) (signature required)
308         (= B'0')          SIG-COMPATIBILITY(IDK) (signature required)
309..511    (= 203 B'0')      reserved
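As an added example (not part of the patent text), the following Python decodes a 512-bit configuration vector according to the bit layout given above and checks the default vector against the values in this table. The field names, the hex string assembled from the eight groups, the validity checks and the two policy helpers (for the KMGT PROTOCOL notes and the FLOOR-MDC rule) are assumptions of the example.

```python
"""Decode a PKCD configuration vector (added example, not the patent's
own code). Bit numbering follows the specification: bit 0 is the most
significant bit of the first byte and the vector is 512 bits long."""

# Constructed by concatenating the eight 16-hex-digit groups of the
# default configuration vector listed in the text.
DEFAULT_CONFIG_VECTOR_HEX = (
    "01FFFFFFFFFFFFFF"
    "FFFF0000000003FF"
    "FFFFFF0000000000"
    "0000000000000000"
    "00000000000E0000"
    "0000000000000000"
    "0000000000000000"
    "0000000000000000"
)

CONFIG_VECTOR_BITS = 512
PKCD_INSTRUCTION_INDICES = range(110, 144)   # DEFINE(i)/AUTH CONTROL(i) in use


def bits_of(cv: bytes, first: int, last: int) -> int:
    """Return bits first..last (inclusive, MSB-first numbering) as an int."""
    if not (0 <= first <= last < CONFIG_VECTOR_BITS):
        raise ValueError("bit range outside the 512-bit vector")
    value = 0
    for pos in range(first, last + 1):
        bit = (cv[pos // 8] >> (7 - pos % 8)) & 1
        value = (value << 1) | bit
    return value


def decode_config_vector(cv_hex: str) -> dict:
    """Split the vector into the fields of the CONFIGURATION VECTOR spec
    and reject values the spec marks reserved (assumed policy)."""
    cv = bytes.fromhex(cv_hex)
    if len(cv) * 8 != CONFIG_VECTOR_BITS:
        raise ValueError("configuration vector must be exactly 512 bits")
    fields = {
        "version": bits_of(cv, 0, 7),
        # DEFINE(i) is bit 8 + i, AUTH CONTROL(i) is bit 152 + i
        "define": {i: bits_of(cv, 8 + i, 8 + i) for i in PKCD_INSTRUCTION_INDICES},
        "auth_control": {i: bits_of(cv, 152 + i, 152 + i)
                         for i in PKCD_INSTRUCTION_INDICES},
        "certification": bits_of(cv, 296, 296),
        "kmp_reload": bits_of(cv, 297, 297),
        "km_reload": bits_of(cv, 298, 298),
        "floor_mdc": bits_of(cv, 299, 300),
        "kmgt_protocol": bits_of(cv, 301, 302),
        "bkup_protocol": bits_of(cv, 303, 304),
        "kreg": bits_of(cv, 305, 305),
        "interchange": bits_of(cv, 306, 306),
        "sig_compat_ipuk": bits_of(cv, 307, 307),
        "sig_compat_idk": bits_of(cv, 308, 308),
        "reserved_309_511": bits_of(cv, 309, 511),
    }
    if fields["version"] != 0x01:
        raise ValueError("only version X'01' (PKCD) is defined")
    if fields["floor_mdc"] == 0b00:
        raise ValueError("FLOOR-MDC = B'00' is reserved")
    if fields["reserved_309_511"] != 0:
        raise ValueError("reserved bits 309..511 must be B'0'")
    return fields


def is_valid_config_vector(cv_hex: str) -> bool:
    """True if decode_config_vector accepts the vector."""
    try:
        decode_config_vector(cv_hex)
        return True
    except ValueError:
        return False


def kmgt_parameter_permitted(fields: dict, key_management_protocol: int) -> bool:
    """Notes (a)-(d) of the KMGT PROTOCOL field: may the GKSP/IDK
    key-management-protocol parameter (0 = PKMGT, 1 = CKMGT) be used?"""
    allowed = {0b11: {0, 1}, 0b10: {1}, 0b01: {0}, 0b00: set()}
    return key_management_protocol in allowed[fields["kmgt_protocol"]]


def floor_mdc_satisfied(fields: dict, mdc_value: int) -> bool:
    """FLOOR-MDC: the referenced 2-bit THRES-MDC or HIST-MDC must be at
    least the floor (for B'11' that means exactly B'11')."""
    return 0 <= mdc_value <= 0b11 and mdc_value >= fields["floor_mdc"]
```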
STATE VECTOR:
00 KP FLAG (Key Part)
B'1' : the KP register is in the "full" state
B'0' : the KP register is in the "empty" state
01 OKM FLAG (Old DEA key encrypting master key)
B'1' : the OKM register is in the "full" state
B'0' : the OKM register is in the "empty" state
Note: In a subsequent release of PKCD, the existing OKM flag shall be reimplemented within the state vector. For the present, this field is initialized only via the ECFAR instruction (thus making it appear that the OKM flag is implemented within the state vector).
02 CKM FLAG (Current DEA key encrypting master key)
B'1' : the CKM register is in the "full" state
B'0' : the CKM register is in the "empty" state
Note: In a subsequent release of PKCD, the existing CKM flag shall be reimplemented within the state vector. For the present, this field is initialized only via the ECFAR instruction (thus making it appear that the CKM flag is implemented within the state vector).
03..04 NKM FLAG (New DEA key encrypting master key)
B'11' : reserved
B'10' : the NKM register is in the "full" state
B'01' : the NKM register is in the "partially full" state
B'00' : the NKM register is in the "empty" state
Note: In a subsequent release of PKCD, the existing NKM flag shall be reimplemented within the state vector. For the present, this field is initialized only via the ECFAR instruction (thus making it appear that the NKM flag is implemented within the state vector).
05 Reserved
06..12 Reserved (= 7 B'0')
13 PROG FLAG
B'1' : An executable program has been loaded
B'0' : An executable program has not been loaded
14 PROGMDC0 FLAG (Secure loadable program MDC #0)
B'1' : PROGMDC0 buffer is in the "full" state
B'0' : PROGMDC0 buffer is in the "empty" state
15 PROGMDC1 FLAG (Secure loadable program MDC #1)
B'1' : PROGMDC1 buffer is in the "full" state
B'0' : PROGMDC1 buffer is in the "empty" state

16..21 KM HISTORY field
The KM HISTORY field is a vector indexed as KM HISTORY(i) for i = 0,1,2, where i is defined as:
0 : OKM
1 : CKM
2 : NKM
KM HISTORY(i) has the following meaning:
B'11' : reserved
B'10' : (reserved) GNDMK (i.e., the contents of the KM register were produced via execution of the GNDMK instruction).
B'01' : (reserved) LFMKP/CMKP (i.e., the contents of the KM register were produced via execution of the LFMKP and CMKP instructions).
B'00' : indeterminate
Note: The EPS instruction sets this field to B'000000', ensuring the present PKCD will be compatible with future releases of PKCD implementing code points B'01' and B'10' of the KM HISTORY field.
Note: In a subsequent release of PKCD, the SMK instruction shall be modified so that the OKM HISTORY field is updated from the CKM HISTORY field.
Note: In a subsequent release of PKCD, the SMK instruction shall be modified so that the CKM HISTORY field is updated using a method which is similar to that followed by the SPMK instruction in its management of the CKMP HISTORY field. The SMK instruction shall also be modified so that the CKM HISTORY field is reset to the "indeterminate" state whenever the CKM FLAG is reset to the "empty" state, and the NKM HISTORY field is reset to the "indeterminate" state whenever the NKM FLAG is reset to the "empty" state.
Note: In a subsequent release of PKCD, the GNDMK instruction shall be modified to reset the NKM HISTORY field to B'10', and the LFMKP and CMKP instructions shall be modified to reset the NKM HISTORY field to B'01'.


22..165 AUTH field
The AUTH field is a vector indexed as AUTH(i) for i = 0,1,...,143.
For i = 0,1,...,109 AUTH(i) is reserved.
For i = 110,...,143 AUTH(i) pertains to instructions of the PKCD.
AUTH(i) has the following meaning:
B'1' : the SEF instruction can be used to enable execution of instruction or instruction mode "i" only after supplying appropriate proof of authorization to the CF. The level of authorization is determined by the implementation and can be different for each "i."
B'0' : no restrictions
AUTH(i) is not defined for the following instructions:
(1) LPID, GDAK, LCV, since they do not execute in the "run" state.
(2) ERS, since the specification is contradictory.
(3) SEF, since this could lead to "lockout."
A list of the instructions and their corresponding indices is provided in Fig. 27.



166..453 ENABLE field
The ENABLE field is a vector indexed as ENABLE(i) for i = 0,1,...,143.
For i = 0,1,...,109 ENABLE(i) is reserved.
For i = 110,...,143 ENABLE(i) pertains to instructions of the PKCD.
ENABLE(i) has the following meaning:
B'11' : instruction or instruction mode execution not enabled.
B'10' : instruction or instruction mode enabled for n executions, where n (a value from 1 to 255) is a value specified by an instruction input parameter.
B'01' : instruction or instruction mode enabled for 1 execution.
B'00' : instruction or instruction mode enabled for any number of executions.
ENABLE(i) = B'00' and ENABLE(i) = B'11' are valid for all but the following instructions:
(1) LPID, GDAK, LCV, since they do not execute in the "run" state.
(2) ERS, since the specification is contradictory.
(3) SEF, since this could lead to "lockout."
ENABLE(i) = B'10' is valid only for the following instructions:
(1) CPMKP input-mode = 0 and CPMKP input-mode = 1
(2) GPUPR mode = 0/2.
ENABLE(i) = B'01' is valid only for the following instructions:
(1) LMDCC
(2) LMDC
(3) LFPMK input-mode = 0 and LFPMK input-mode = 1
(7) GNPMK,
(8) GNDMK,
(9) SPMK,
(10) ECFER
A list of the instructions and their corresponding indices is provided in Fig. 27.
454 CLONE (history bit)
B'1' : CF-environment has been set via the ICFER instruction.
B'0' : original CF-environment
Note: this bit is reset to 0 via execution of an EPS instruction but not by an EIS instruction. This bit is set to B'1' via execution of the ICFER instruction.



455..457 KMP-HISTORY field
The KMP-HISTORY field is a vector indexed as KMP-HISTORY(i) for i = 0,1,2, where i is defined as:
0 : OKMP HISTORY
1 : CKMP HISTORY
2 : NKMP HISTORY
KMP stands for PKA Key encrypting Master key.
KMP-HISTORY(i) has the following meaning:
B'1' : GNPMK (i.e., the contents of the KMP register were produced via execution of the GNPMK instruction).
B'0' : LFPMKP/CPMKP (i.e., the contents of the KMP register were produced via execution of the LFPMKP and CPMKP instructions).
Note: KMP-HISTORY(i) has meaning only when KMP-FLAG(i) is in the "full" state.

458..461 KMP-FLAG field
The KMP-FLAG field is a vector indexed as KMP-FLAG(i) for i = 0,1,2, where i is defined as:
0 : OKMP FLAG
1 : CKMP FLAG
2 : NKMP FLAG
For i = 0 and 1, KMP-FLAG(i) is a 1 bit field with the following meaning:
B'1' : the KMP register is in the "full" state
B'0' : the KMP register is in the "empty" state
For i = 2, KMP-FLAG(i) is a 2 bit field with the following meaning:
B'11' : reserved
B'10' : the KMP register is in the "full" state
B'01' : the KMP register is in the "partially full" state
B'00' : the KMP register is in the "empty" state

462 GDAK FLAG
B'1' : the PUA buffer, PRA buffer, PUACV register, and PRACV register are in the "full" state.
B'0' : the PUA buffer, PRA buffer, PUACV register, and PRACV register are in the "empty" state.



463 LPID FLAG
B'1' : the DID and EID registers are in the "full" state.
B'0' : the DID and EID registers are in the "empty" state.

464 LCV FLAG
B'1' : a configuration vector has been loaded using an LCV instruction.
B'0' : a configuration vector has not been loaded using an LCV instruction.
If CF STATE = "init" or "run", then CONFIG FLAG = B'0' indicates that a default configuration vector has been loaded.
465 EKU FLAG
B'1' : an EKU is stored in the EKU buffer and its length is stored in EKU Length.
B'0' : an EKU is not stored in the EKU buffer and its length is not stored in EKU Length.

466..467 CF STATE
B'11' : reserved
B'10' : the CF is in the "run" state
B'01' : the CF is in the "init" state
B'00' : the CF is in the "pre-init" state
Note: the CF states control instruction execution.

468..501 EKUMDC FLAG field
The EKUMDC FLAG field is a vector indexed as EKUMDC FLAG(i) for i = 0,1,...,16.
For i = 0,1,...,15, EKUMDC FLAG(i) has the following meaning:
B'11' : EKUMDC(i) has been initialized with an MDC loaded via a secure interface (e.g., via a smart card).
B'10' : EKUMDC(i) has been initialized with the LMDCC instruction.
B'01' : EKUMDC(i) has been initialized via the IPUK instruction.
B'00' : EKUMDC(i) is uninitialized.
For i = 16, EKUMDC FLAG(16) has the following meaning:
B'11' : EKUMDC(16) has been initialized with an MDC loaded via a secure interface (e.g., via a smart card).
B'10' : EKUMDC(16) has been initialized via an LMDC instruction.
B'01' : reserved
B'00' : EKUMDC(16) is uninitialized.



502 PR HISTORY
B'1' : one or more PR have not been randomly generated inside the CF.
B'0' : all PR have been randomly generated inside the CF.

503 ECFER Status
B'1' : the ECFER instruction has been executed at least once (i.e., the CF environment of this device has been exported).
B'0' : the ECFER instruction has not been executed.



504 ALARM FLAG
B'1' : Alarm has been activated
B'0' : no Alarm

505..508 HIST-DOMAIN
This field contains a domain identifier (an arbitrary value from B'0000' to B'1111'). The HIST-DOMAIN field in the state vector is set by the ECFER instruction equal to the value of DOMAIN ID in the HIST-DOMAIN field of the PUA control vector contained in IKU1, which is input to the ECFER instruction.
This field is valid only if the CLONE bit in the state vector is equal to B'1' and BKUP PROTOCOL in the configuration vector is equal to B'01' (CBKUP1) or B'10' (CBKUP2).



509..511 reserved, set = 3 B'0'.

REGISTERS

The following registers are defined by PKCD:
Register         Type   Length   Description
NKMP Register    S      128b     New PKA Master Key Register
CKMP Register    P      128b     Current PKA Master Key Register
OKMP Register    P      128b     Old PKA Master Key Register
DID Register     P      128b     Device Identifier Register
EID Register     P      128b     Environment Identifier Register
PUACV Register   P      128b     PUA Control Vector
PRACV Register   P      128b     PRA Control Vector

The registers are designated as permanent (encoded with letter "P") or semi-permanent (encoded with letter "S"). The contents of the permanent registers must be preserved for the "life of the system," e.g., via a battery-backed RAM. Values stored in the permanent registers change or are changed according to an installation-determined schedule. The contents of the semipermanent registers must be preserved only until the information they contain has been processed by a CF instruction.


MDC TABLE 

The MDC Table is a vector EKUMDC(i), for i = 0,1,...,16, where each EKUMDC(i) contains storage for a 128 bit MDC value.
Fig. 28 illustrates the organization and indexing of the MDC Table.
The MDC Table is used by the IPUK instruction to import public keys, which are presented to the IPUK instruction in the form of an External Key Unit (EKU). For i = 0,...,15, the MDC in EKUMDC(i) must be calculated on an EKU containing a public certification key (i.e., a PUC key) and the domain ID field in the control vector of the PUC key must contain the value "i". For i = 16, the MDC in EKUMDC(i) must be calculated on an EKU containing a public key management key, a public authentication key, or a public user key (i.e., a PUM, PUA, or PUU key). The domain ID field can contain any value from 0 to 15.

COUNTER TABLE 

The Counter Table is a vector COUNTER(i), for i = 0,1,...,143, where each COUNTER(i) contains storage for an 8 bit counter. For i = 113, 114, or 120, COUNTER(i) is defined. For i ≠ 113, 114, or 120, COUNTER(i) is not defined (i.e., this portion of Counter Table is null).
The value of COUNTER(i) denotes the number of times that instruction "i" can be executed before ENABLE(i) is set from B'10' to B'11'. Fig. 27 specifies the relationship between index and instruction name. For example, i = 113 denotes input-mode = 0 of the CPMKP instruction.
Fig. 29 illustrates the organization and indexing of the Counter Table.
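The ENABLE field, AUTH field and Counter Table semantics described above can be modelled as a small state machine. The Python below is an added example, not the patent's own code: the class name, the argument conventions of the SEF call, the treatment of DEFINE(i) as a "run"-state gate, and the assumption that a B'01' (single execution) enable returns ENABLE(i) to B'11' after that execution are all hypothetical; the B'01' validity list is not modelled because the text gives no indices for those instructions.

```python
"""Per-instruction execution gating modelled on the PKCD DEFINE, AUTH,
ENABLE and COUNTER semantics (added example; names are hypothetical)."""

ENABLE_DISABLED = 0b11   # B'11': execution not enabled
ENABLE_N_TIMES = 0b10    # B'10': enabled for n executions, n in 1..255
ENABLE_ONCE = 0b01       # B'01': enabled for exactly one execution
ENABLE_ANY = 0b00        # B'00': enabled for any number of executions

# The only indices for which COUNTER(i) is defined (113 = CPMKP
# input-mode 0, 114 = CPMKP input-mode 1, 120 = GPUPR mode 0/2).
COUNTER_DEFINED = {113, 114, 120}
PKCD_INSTRUCTIONS = range(110, 144)


class InstructionGate:
    """State-vector slice for one CF: AUTH(i), ENABLE(i), COUNTER(i)."""

    def __init__(self, define_bits: dict, auth_control_bits: dict):
        # LCV semantics from the AUTH CONTROL field:
        #   AUTH CONTROL(i) = 1 -> AUTH(i) = 1, ENABLE(i) = B'11'
        #   AUTH CONTROL(i) = 0 -> AUTH(i) = 0, ENABLE(i) = B'00'
        self.define = dict(define_bits)
        self.auth, self.enable, self.counter = {}, {}, {}
        for i in PKCD_INSTRUCTIONS:
            self.auth[i] = auth_control_bits.get(i, 0)
            self.enable[i] = ENABLE_DISABLED if self.auth[i] else ENABLE_ANY

    def sef(self, i: int, enable_code: int, n: int = None,
            authorized: bool = False) -> None:
        """Set Enable Flag (assumed argument shape). AUTH(i) = 1 means the
        caller must first have proven authorization to the CF."""
        if i not in self.enable:
            raise ValueError(f"ENABLE({i}) is reserved or undefined")
        if self.auth[i] and not authorized:
            raise PermissionError(f"AUTH({i}) = B'1': proof of authorization required")
        if enable_code == ENABLE_N_TIMES:
            if i not in COUNTER_DEFINED:
                raise ValueError(f"ENABLE({i}) = B'10' is not valid for this instruction")
            if n is None or not 1 <= n <= 255:
                raise ValueError("n must be a value from 1 to 255")
            self.counter[i] = n
        self.enable[i] = enable_code

    def execute(self, i: int) -> bool:
        """Return True if instruction i may execute now, updating
        ENABLE(i)/COUNTER(i) as the execution is consumed."""
        if not self.define.get(i, 0):
            return False                          # not defined in "run" state
        code = self.enable.get(i, ENABLE_DISABLED)
        if code == ENABLE_DISABLED:
            return False
        if code == ENABLE_ANY:
            return True
        if code == ENABLE_ONCE:
            self.enable[i] = ENABLE_DISABLED      # assumption: one use, then B'11'
            return True
        # ENABLE_N_TIMES: COUNTER(i) counts remaining executions; when it
        # reaches 0, ENABLE(i) goes from B'10' to B'11'.
        self.counter[i] -= 1
        if self.counter[i] == 0:
            self.enable[i] = ENABLE_DISABLED
        return True
```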

CONTROL VECTOR ENFORCEMENT 

Control vector enforcement is a method which ensures that the control vectors processed by each CF instruction are consistent with and in conformance with certain instruction-unique rules and restrictions which limit or define the values that these control vectors may have. Control vector enforcement may be accomplished by, although is not limited to, one of the following methods or combinations thereof:
o SPECIFY CONTROL VECTOR IN CFAP AND CHECK CONTROL VECTOR BITS IN CF: This method checks bits and fields within the control vector to ensure that they contain permitted values. In certain cases, cross checking of bits and fields among two or more control vectors is necessary to ensure that they contain only permitted combinations of values.
o SPECIFY CONTROL VECTOR IN CFAP AND SET CONTROL VECTOR BITS IN CF: This method sets bits and fields within the control vector to prescribed values (i.e., by overwriting the bits and fields of the control vectors passed at the instruction interface).
o GENERATE CONTROL VECTOR IN CF FROM INFORMATION SPECIFIED BY CFAP: This method generates control vectors from parameter information passed at the instruction interface.
o TABLE LOOKUP OF CONTROL VECTOR IN CF FROM INDEX SPECIFIED BY CFAP: This method uses a table of control vectors stored within the CF. An index value passed at the instruction interface selects the control vector or vectors used by an instruction.
For convenience, control vector enforcement is defined in this teaching using a combination of the first and third methods described above. Some control vectors are specified as instruction parameters and bits and fields in these control vectors are checked by the CF. Other control vectors are generated within the CF, e.g., it is typical for the control vector associated with the rightmost 64 bits of a 128 bit key to be derived from the control vector associated with the leftmost 64 bits of a 128 bit key.

INITIALIZATION REQUIREMENTS 


Some CF instructions process cryptovariables stored internally within the CF, which must be loaded or imported into the CF before instruction execution. Several CF instructions have been defined to support the initialization and configuration of the CF. However, PKCD does not define or specify how key parts are loaded into the KP register.
Those CF instructions which process cryptovariables stored in the KP register, which must be loaded via means other than those defined in the PKCD, are listed in the following table.

Instruction   Cryptovariable   CF Storage Location
LFPMKP        key part         KP register
CPMKP         key part         KP register

PKCD does not define how key parts are loaded into the KP register. One possibility is for key parts to be loaded by authorized installation personnel via a protected, controlled interface. The physical interface described earlier could be used for this purpose.

POWER ON SEQUENCE 



During each power-on, the CF executes a power-on sequence (POS) routine. The POS routine does the following:
o Initialize the PRNGKEY1 and PRNGKEY2 registers with random seed keys.
o If the content of the POS register = X'0123456789ABCDEF0123456789ABCDEF' then continue; else do the following:
- Perform the EIS instruction to clear the CF environment.
- Set POS register := X'0123456789ABCDEF0123456789ABCDEF'.



RECORD FORMATS AND DESCRIPTIONS

The following records are defined by PKCD:

Record Name                                 Length
Crypto Facility PKA Key Record              multiple of 8 bytes
Crypto Facility Key Authenticator Record    multiple of 8 bytes
Crypto Facility DEA Key Record              64 bytes
Crypto Facility Backup DEA Key Record       64 bytes
Crypto Facility System Signature Record     64 bytes
Crypto Facility Environment Record          multiple of 8 bytes
Crypto Facility Audit Record                multiple of 8 bytes
Internal Key Unit                           multiple of 8 bytes
Clear Key Unit                              multiple of 8 bytes
External Key Unit                           multiple of 8 bytes
Skeleton Key Unit                           multiple of 8 bytes

CRYPTO FACILITY PKA KEY RECORD (CFPKR) 

The Crypto Facility PKA Key Record (CFPKR) contains a public or private key used with a public key algorithm. If different public key algorithms are used for key distribution and digital signatures, then the CFPKR contains two public or two private keys: one key for key distribution and the other for digital signatures. The CFPKR is defined to be a multiple of 8 bytes.

A Crypto Facility PKA Key Record has the following form:



Offset 


Length 


Data 


(in bits) 


0 


a 


Parse 


a 


b 


Key 


c 


d 


RN (where c = a + b) 


e 


0 


End of CFPKR (where e = c + d) 
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DATA 



DESCRIPTION 



PARSE 



10 



15 



KEY 



20 



25 



30 



RN 



The parse field contains data that permits the CF to 
parse the key field. The length of the key parse field is 
not prescribed by the architecture. The key parse field 
MUST pernnit the key, or any portion of the key, to be 
uniquely identified and located in the key field. The 
parse field nnust directly or indirectly specify key 
length, such that an adversary cannot cause the CF to 
use only a portion of a key as a full key. In addition, the 
parse field contains at least 8 bytes of random data to 
act as a confounder to thwart revealing any contents of 
the encrypted CFPKR by pattern analysis by an 
adversary. 

The key field contains a PKA key. The key is either a 
public key or a private key. The key stored in the key 
field consists of one or more key variables that 
together constitute or define the key. For example, if 
the PKA is based on exponentiation modulo a number 
n, then the key consists of an exponent e and a 
modulus n. Both e and n are stored in the key field, 
and the parse field is defined in such a way to permit e 
and n to be located. Key length and format of the parse 
and key fields can be different depending on whether 
the key is a public key or a private key. If a first PKA is 
used for key distribution and a second PKA is used for 
digital signatures, then the Key field contains a pair of 
public or private keys (i.e.. a key for each algorithm). 
The fact that there are two algorithms is made 
transparent to the CFAP. 
The RN field contains a d-bit random number 
generated within the CF. The value d ranges from 0 to 
63 and is chosen so that the length of CFPKB is a 
multiple of 8 bytes. 



35 



Outside the CF, the CFPKR is encrypted under a variant key KMP.C formed as the Exclusive OR 
product of KMP and control vector C. 



CRYPTO FACILITY KEY AUTHENTICATOR RECORD (CFKAR) 

The Crypto Facility Key Authenticator Record (CFKAR) contains information functionally related to a 
single CFPKR. The CFKAR is used to authenticate a CFPKR. The CFKAR is defined to be a multiple of 8 
bytes. 

A Crypto Facility Key Authenticator Record has the following form: 



Offset 


Length 


Data 


(in bits) 


0 


a 


Key Authenticator 


a 


b 


RN 


c 


0 


End of CFPKR (where c = a + b) 
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DATA 


DESCRIPTION 


KEY AUTHENTICATOR 
RN 


The key authenticator field contains data functionally related 
to a CFPKR. 

The RN field contains a b-bit randonn number generated 
within the CF. The value b ranges from 0 to 63 and is 
chosen so that the length of CFKAR is a multiple of 8 bytes. 



Outside the CF, the CFKAR is encrypted under a variant key KMP.C formed as the Exclusive OR 
product of KMP and control vector C. 

Methods for deriving a key authenticator from a key record has been discussed in Key Record Encrypt 
Algorithm 12 of Fig. 16. 

CRYPTO FACILITY DEA KEY RECORD (CFDKR) 

The Crypto Facility DEA Key Record is produced by a GKSP instruction and is processed by an IDK 
instruction. The CFDKR is a 52 byte record. 

A Crypto Facility DEA Key Record has the following form: 
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Offset Length Data 
(in bytes) 



0 1 Record ID 
The most significant bit in a byte is the leftmost bit. 
0000 0000 - 'Crypto Facility DEA Key Record' 

1 1 Record Code 

000 xxxxx - 12 8b key-encrypting key produced by GKSP and 
processed by IDK. 

When bits 0,.2 of the above field are B • OOO ' , 
^5 bits 3., 7 are defined as follows: 

Control Vector Format 

000 xxxOO - control vector field stores hash of 128 bit C. 
000 xxxOl - control vector field stores hash of 64 bit C. 

20 

000 xxxlx - reserved 

KEY -MANAGEMENT- PROTOCOL specified in GKSP (implying IDK 
must also specify the same) 
25 OOO Oxxxx - private protocol 

000 Ixxxx - certification center protocol 

KEY-MANAGEMENT-MODE specified in GKSP (implying IDK must 
also specify the same) 

000 xOxxx - key registration is performed using mode 0 
000 xlxxx - key registration is performed using mode 1 



001 xxxxx - reserved 
Olx xxxxx — reserved 
Ixx xxxxx - reserved 
2 2 Reserved (=X'0000') 

4 16 EID - The value of EID stored in the CF Environment of 

the originating device, 
20 16 h(C), where C is a 64- or 128-bit control vector and 

h is a hash function. Basically, if C is 64 bits, then 

45 

h(C) = concat(C,C). And, if C is 128 bits, then h(C) = C. 
36 16 Key - This field contains a 128. bit odd parity adjusted 

key generated within the CF by the GKSP instruction, 

50 

CRYPTO FACILITY BACKUP DEA KEY RECORD (CFBDKR) 

The Crypto Facility Backup DEA Key Record is produced by an ECFER instruction and is processed by 
55 an ICFER instruction. The CFBDKR is a 52 byte record. 

A Crypto Facility Backup DEA Key Record has the following fornn: 
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Offset Length Data 
(in bytes) 



10 



15 



25 



30 



35 



O i Record ID 

The most significant bit in a byte is the leftmost bit. 
0000 0001 - 'Crypto Facility Backup DEA Key Record' 
^ 1 Record Code 

PROTOCOL-MODE specified in ECFER (implying ICFER must 
also specify the same) 
xxxx OOxx - invalid 

xxxx Olxx - certification center protocol where the PDA 

control vector has HIST-CHAIN=2 
xxxx lOxx - certification center protocol where the PUA 
20 control vector has HIST-CHAIN=3 

xxxx llxx - private protocol* 

KMP MODE specified in ECFER (implying ICFER must also 
specify the same) 

xxxx xxOx - KMP-mode = O has been specified in ECFER 
xxxx xxlx - KMP-mode = 1 has been specified in ECFER 
KM MODE specified in ECFER (implying ICFER must also 
specify the same) 

xxxx xxxO - KM-mode = 0 has been specified in ECFER 
xxxx xxxl - KM-mode = 1 has been specified in ECFER 



40 



Hash Rule 

Indicates the hash algorithm used to generate the 
hash. 

X'OO*: MDC-2 algorithm with 128-bit hash 
X'Ol': MDC-4 algorithm with 128-bit hash 



X'02»: MD4 algorithm with 128-bit hash 
45 X'03' - X'FFV : reserved. 

Reserved (=17 X'OO*) 

MDC - A 128-bit MDC calculated on a CFER in the CF by 
an ECFER instruction. The MDC is calculated using the 
MDC-2 hash algorithm. 

Key - This field contains a 128-bit odd parity adjusted 
key generated within the CF by the ECFER instruction, 
which may be Exclusive ORed with KM, KMP, or both 
(depending on KMP-mode and KM-mode specified in ECFER). 



36 



3 17 
20 16 

50 
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CRYPTO FACILITY SYSTEM SIGNATURE RECORD (CFSSR) 



The Crypto Facility System Signature Record is produced by one of the following instructions: ECFAR, 
EPUK, GKSP. GDS, and ECFER. The CFSSR can be processed by one or more of the following 
instructions: IPUK, IDK, VDS, and ICFER. The CFSSR is a 253-bit record. 

A Crypto Facility System Signature Record has the following form: 



Offset Length Data 
10 (in bits) 



Reserved ( =B ' 0000 ' ) 



75 



20 



Emulation 

B'l' : CFSSR created via the GDS instruction 
B*0* : CFSSR created via the instruction specified 
in the first nibble of Record Code field. 



Record ID (=B'0000 0010* for CFSSR) 



25 



13 



16 



Record Length (in bits) 

The record length is currently fixed at 
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253 bits (=:X ' OOFD * ) 



29 



10 



75 



20 



Record Code 

The first nibble indicates the CF instruction, and 
the second nibble indicates the key type of the 
private key used to generate the signature. 



First 


nibble : 


Second 


nibble: 


B'OOOO 


' - ECFAR 


B' 1000 • 


- PRC 


B'OOOl 


' - EPUK 


B'lOOl* 


- PRM 


B'OOlO 


' - GKSP 


B» 1010' 


- PRA 


B*0011 


• - ECFER 


B'lOll' 


- PRU 


B '0100 


- GDS 


B * Oxxx * 


- reserved 


B'OlOl 


- reserved 


B' llxx* 


- reserved 


B'Ollx 


- reserved 






B' Ixxx 


' - reserved 
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30 



35 



Hash Rule 

Indicates the hash algorithm used to generate the 

hash, and the rule (if any) for formatting and 

producing, from the generated hash value, the valu< 

to be stored in the Hash field. 

X'OO*: MDC-2 algorithm with 128-bit hash 

X'Ol': MDC-4 algorithm with 128-bit hash 

X'02': MD4 algorithm with 128-bit hash 

X'03' - X'FF» : reserved. 



45 



40 



208 Hash field 

The field in which the hash value is stored-right 
justified, and filled with higher order zero bits. 



45 CRYPTO FACILITY ENVIRONMENT RECORD (CFER) 

The Crypto Facility Environment Record (CFER) contains that portion of a CF Environment necessary to 
"clone" a device (i.e., by replicating the CF Environment of one device Into another device). 
The Crypto Facility Environment Record has the following form: 

50 
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10 



Offset Length 
(in bytes) 



Data 



00 
64 

64+a 
DATA 



64 Header (H) 

a Secret Part (SP) 

b Nonsecret Part (NSP) 

DESCRIPTION 



15 



HEADER 



The Header (H) contains information necessary 
to parse the CFER. H has a fixed length of 
6 4 bytes. 



20 



25 



30 



SECRET PART The Secret Part (SP) contains the secret 

part of the CF Environment to be ported • SP 
is variable length, but a multiple of 8 
bytes , 

NONSECRET PART The Nonsecret Part (NSP) contains ONLY THAT 
PART OF THE NON- SECRET PART OF THE CF 
ENVIRONMENT to be ported. NSP is variable 
length, but contains a whole number of 
bytes. 



35 



The Header has the following form: 



40 



Offset Length 
( in bytes ) 



Data 



00 
00 



64 
01 



Header 

Record ID ( =B ' 00000011 * ) 
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10 



15 



20 



25 



35 



45 



01 03 

04 04 

08 04 

12 03 

15 01 

16 04 

20 02 

22 02 

24 04 

28 36 
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Reserved (=3 X * 00 ' ) 

Length of Secret Part in 8-byte blocks; (112-ha+b)/8 
Value is coded in binary representation. 
Length of Secret Part of Product Environment in 
bytes ("a''). Value is coded in binary representation. 
Reserved (=3 X ' 00 • ) 

Length of Random Pad for Secret Part in bytes ("b"). 
Value is coded in binary representation. 
Length of Nonsecret Part in bytes; (568+d+e). 
Value is coded in binary representation. 
Reserved (=2 X'OO') 
reserved (=2 X'OO') 

Length of Nonsecret Part of Product Environment in 
bytes ("e-). Value is coded in binary representation. 
Reserved (=36 X * 00 * ) 



64 00 End of Header 

The Secret Part has the following form: 



64 il2+c Secret Part 

^0 64 112 Registers 

64 16 

80 16 

96 8 

104 8 

112 16 

128 16 

40 1 44 1 6 

160 16 

176 0 



176 a 



the PKCD) 

50 176+a b Random Pad 



CKM Register (Current DEA-key-encrypting Master key) 
OKM Register (Old DEA-key-encrypting Master key) 
PRNGCTRl Register (Pseudo-Random Number Counter #1) 
PRNGCTR2 Register (Pseudo-Random Number Counter #2) 
PRNGKEYl Register (Pseudo-Random Number Seed Key #1) 
PRNGKEY2 Register (Pseudo-Ransom Number Seed Key #2) 
CKMP Register (Current PKA-key-encrypting Master key) 
OKMP Register (Old PKA-key-encrypting Master key) 
End of Registers 
Secret Part of Product Environment 

The product environment contains information specific 
to a product implementation (beyond that called for by 



The Random Pad field contains "b" randomly generated 
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176+c 



pad bytes, where "b" is a number from 0 to 7 , The 
random pad field is adjusted so that the length of the 
Secret Part is guaranteed to be a multiple of 8 bytes. 
End of Secret Part (where c = a+b) 



The Nonsecret Part has the following form: 



w 



15 



20 



25 



30 



35 



40 



45 



50 



176+C 488+f 
176+c 64 
240+c 64 



304+c 
304+c 
320+c 
336+c 
352+c 
368+c 
384+c 
384+c 
656+c 
659+c 



80 
16 
16 
16 
16 
16 
0 

272 

3 

5 



. * The next line 
664+c d 
664+c+d e 



664+c+f O 
664+c+f O 



Nonsecret Part 
Configuration Vector 
State Vector 

The following flags are reset to reflect that the 

corresponding registers do not port: 

KP FLAG := B'O' 

NKM FLAG : = B ' 00 ' 

PIN FLAG := B'O* 

KMP FLAG(2) := B ' 00 ' 

Registers 

PROGMDCO Register (Secure Loadable Program MDC #0) 
PRCXJMDCl Register (Secure Loadable Program MDC #1) 
EID Register (Environment Identifier) 

PUACV Register (Public Device Authentication key CV) 

PRACV Register (Private Device Authentication key CV) 

End of Registers 

MDC Table 

Counter Table 

Reserved ( =X ' 0000000000 * ) 

Keeps remaining fields on an 8 byte boundary, 
is changed from PIN Tables to reserved 
reserved 

Nonsecret Part of Product Environment 

The product environment contains information specific to 
a product Implementation (beyond that called for by the 
PKCD ) . 

End of Nonsecret Part (where f - d+e) 
End of CFER 



Outside the CF, the Secret Portion of the CFER is encrypted with a 128 bit DEA key KK1 . KK1 is 
generated within the CF and encrypted with a public device authentication key PUA. The Nonsecret Portion 
of the CFER is specifically not encrypted to prevent a covert privacy channel fronn being set up when the 
CFER is used with the ECFER and ICFER instructions. 
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EXTERNAL CRYPTO FACILITY ENVIRONMENT RECORD (XCFER) 

The External Crypto Facility Environment Record (XCFER) is the same as the CFER expect that the 
Secret Part is encrypted. 
■5 The External Crypto Facility Environment Record has the following form 



70 



75 



DATA 



Offset 


Length 


Data 


(in bytes) 


00 


64 


Header (H) 


64 


a 


Encrypted Secret Part (ESP) 


64 + a 


b 


Nonsecret Part (NSP) 



DESCRIPTION 



20 



25 



30 



35 



HEADER 



The Header (H) contains information necessary to 
parse the CFER. h has a fixed length of 64 
bytes . 



ENCRYPTED SECRET PART The Encrypted Secret Part (ESP) 

contains the secret part of the CF Environment to 
be ported encrypted under a key shared with, or 
to-be-shared with, a designated receiving device. 
The length of ESP equals the length of SP . SP is 
variable length, but a multiple of 8 bytes. 



NONSECRET PART The Nonsecret Part (NSP) contains the 

40 nonsecret part of the CF Environment to be 

ported. NSP is variable length, but a whole 
number of bytes . 



CRYPTO FACILITY AUDIT RECORD (CFAR) 

The Crypto Facility Audit Record (CFAR) contains the nonsecret part of the CF Environment plus 
additional nonsecret infornnation. The CFAR is designed to be a multiple of 8 bytes. 
50 The Crypto Facility Audit Record has the following form: 



55 



Offset 


Length 


Data 


(in bytes) 


00 
64 


64 

a 


Header (H) 

Nonsecret Part (NSP) 
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DATA 



DESCRIPTION 



10 



15 



20 



HEADER The Header (H) contains information necessary to 
parse the CFAR. It also contains a random number 
(RN) field and a date and time (DT) field. The 
Header is 6 4 bytes in length. 

NONSECRET PART The Nonsecret Part (NSP) contains the 

nonsecret part of the CF Environment. NSP is 
variable length, but must be a whole number of 
bytes. The NSP in the CFAR is not the same as 
the NSP in the CFER (see Crypto Facility Environ- 
ment Record) . 



The Header has the following form: 
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10 



40 



45 



Offset Length Data 
(in bytes) 



00 01 

01 03 
04 04 



00 64 Header 

Record ID (=8*00000100') 
Reserved {-3 X'OO') 

Length of Nonsecret Part of CF Environment in bytes; 
(520+a+b+d). Value is coded in binary representation 
Reserved (=2 X'OO') 

Length of cfpkrl containing PUA ("a") in bytes. 
Value is coded in binary representation 
Reserved (=2 X'OO') 
.* Next line is changed from PIN-table-length to reserved 
02 reserved (=2 X'OO') 

Length of Nonsecret Part of Product Environment ("d") 
in bytes. Value is coded in binary representation. 
Reserved (=4 X'OO') 



08 02 

75 10 02 

12 02 

20 



25 20 04 



24 08 RN field 



32 03 



Reserved (=3 X'OO') 



35 14 DT field 

30 

15 Reserved (=15 X'OO') 

64 00 End of Header 

35 DATA DESCR I FT I ON 

RN 



50 



An 8 byte CFAP-supplied time-variant parameter. 
This field is set by the ECFAR instruction only 
when process-mode=l or process -mode=2 . This 
field is intended to be used as a nonce in a 
request/response protocol to guarantee freshness 
of the Audit record. The Certification Center 
generates and random number and sends it to the 
device to be audited in the Request-f or-Audit 
message. The device then supplies this random 
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number to the Export Cryptographic Facility Audit 
Record instruction. This results in the signed 
Audit record being sent to the Certification 

5 

Center by the Audited device with the correct 
nonce. The Certification Center is assured that 
the Audit record is current. 
10 DT A 14 character field with format YYYYMMDDHHMMSS 

containing the date and Coordinated Universal 
Time (UTC) , The characters are decimal (0 thru 
9) and are encoded using 8-bit ASCII representa- 
tion. A value of 14 'O's denotes that DT is 
uninitialized. 

20 The Nonsecret Part has the following form: 



25 



15 



30 



35 



40 



45 



50 



64 


520+e 


Nonsecret Part of OF Environment 


64 


64 


Configuration Vector 


128 


64 


State Vector 


192 


112 


Registers 


192 


16 


PROGMDCO Register 


208 


16 


PROGMDCl Register 


224 


16 


POS Register 


240 


16 


DID Register 


256 


16 


EID Register 


272 


16 


PUACV Register 


288 


16 


PRACV Register 


304 


0 


End of Registers 


304 


272 


MDC Table 


576 


3 


Counter Table 


579 


5 


Reserved (=5 X'OO') 

Keeps remaining fields on an 8 byte 


584 


a 


cfpkrl from the PUA Buffer 


. * Next 


line is 


changed from PIN Tables to reserved. 


584-i-a 


b 


reserved 


584+c 


0 


GKSP Save (not audited) 


584+c 


0 


GKSP Buffer Length (not audited) 
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10 



15 



584+c 
584+c 
584+c 
584+c 
584+c 
584+c 
584+0 
584+c 
584+c 



20 



584+e 
584+e 



0 
0 
0 
0 
O 
0 
0 
0 
d 



0 
O 



GKSP Record Length (not audited) 
GKSP Buffer Flag (not audited) 
GKSP Ticket 
IDK Save 

IDK Buffer Length 
IDK Record Length 
IDK Buffer Flag 
IDK Ticket 



(not audited) 
(not audited) 
( not audited) 
(not audited) 
(not audited) 
(not audited) 

Nonsecret Part of Product Environment (where c = a+b) 
The product environment contains information specific to 
a product implementation (beyond that called for by the 
PKCD ) . 

End of Nonsecret Part of CF Environment (where e = c+d) 
End of CFAR 



No encrypted information in the CFER ever appears in the clear in the CFAR. Specifically, this is done 
to prevent a covert privacy channel from being set up when the CFER is used with the ECFER and ICFER 
instructions. 

INTERNAL KEY UNIT (IKU) 

The IKU is an internal form of a Key Unit The Key Unit contains an encrypted CFPKR. an encrypted 
CFKAR, and information about the public or private key in the CFPKR. The IKU is designed to be a multiple 
of 8 bytes. 

The Internal Key Unit has the following form: 



offset 


Length 


Data 


(in bytes) 


00 


32 


Header (H) 


32 


a 


System Control Block (SCB) 


32 + a 


b 


User Control Block (UCB) 


32 + c 


d 


Encrypted Crypto Facility PKA Key Record (ECFPKR). c = a + b 


32 + e 


f 


Encrypted Crypto Facility Key Authenticator Record, e = c + d (ECFKAR) 
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DATA DESCRIPTION 

5 HEADER The Header (H) contains information necessary to 
parse the IKU. 

SYSTEM CONTROL BLOCK The System Control Block (SCB) 

contains information about the key in CFPKR, 
including a control vector CI. The SCB is 
managed by the system. The SCB is designed to be 
75 a multiple of 8 bytes. 

USER CONTROL BLOCK The User Control Block (UCB) 

contains information about the key in CFPKR. The 

20 

UCB is specified by the user (or installation) . 
The UCB must be a multiple of 8 bytes. 

25 ENCRYPTED CRYPTO FACILITY PKA KEY RECORD 

The Encrypted Crypto Facility PKA Key Record 
(ECFPKR) contains a CFPKR encrypted under a key 
KMP.C2 formed as the Exclusive OR product of KMP 

30 

and a control vector C2. C2 is generated from 
SCB and UCB using the method discussed in steps 
501 and 502 of the Key Record Encrypt Algorithm 
35 12 in Fig. 16. The CFPKR contains a public or 

private key. 

ENCRYPTED CRYPTO FACILITY KEY AUTHENTICATOR RECORD 

40 

The Encrypted Crypto Facility Key Authenticator 
Record (ECFKAR) contains a CFKAR encrypted under 
a key KMP.C3 formed as the Exclusive OR product 
^5 of KMP and a control vector C3. C3 is generated 



from SCB and UCB using the method described in 

50 

Steps 501 and 502 of the Key Record Encrypt 
Algorithm 12 in Fig. 16. 

55 The Header has the following form: 
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10 



15 



20 



Offset Length Data 
(in bytes) 



00 32 
00 02 



02 01 

03 03 
06 02 



25 



14 02 

30 



18 02 

35 



Header (H) 

Anti-ISO field (=X'8080') 

The anti-ISO field is a 2-byte field purposely encoded 
to be invalid as the leading 2 bytes of a data record 
conforming to 'Basic Encoding Rules of ASN.l(ISO 8825) 
Record ID ( =B • 00000101 • ) 
(=3 X'OO' ) 

SCB-Length - number of 8 byte blocks in SCB. 
Value is coded in binary representation 
SCB-Length must be > 0 
08 02 (=2 X'OO' ) 

^0 02 UCB-Length - number of 8 byte blocks in UCB. 

Value is coded in binary representation 
UCB-Length must be >= o 
12 02 (=2 X'OO' ) 

ECFPKR-Length - number of 8 byte blocks in ECFPKR, 
Value is coded in binary representation 
ECFPKR-Length must be > 0 
16 02 (=2 X'OO' ) 

ECFKAR-Length - number of 8 byte blocks in ECFKAR. 
Value is coded in binary representation 
ECFKAR-Length must be > 0 
20 12 (=12 X'OO* ) 

40 ^2 0 End of Header (H) 

The System Control Block has the following form: 

45 



50 
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offset Length Data 
(in bytes) 



32 a System Control Block (SCB) 

32 16 Control Vector 

48 16 EID - Environment ID 

64 2 Reserved (set to zero) 

66 14 Tstart 

80 2 Reserved (set to zero) 

82 14 Texp 

96 4 Reserved (set to zero) 

100 4 Seq 

104 64 LDID - Logical Device Identifier 

168 64 LKN - Local Key Name 

232 64 UID - User Identifier 

296 b Optional CFAP fields 

296+b 0 End of System Control Block (SCB) 



DATA DESCRIPTION 

CONTROL VECTOR A 12 8 bit control vector associate with the 
public or private key stored in the CFPKR. The 
control vector is a CF enforced field. The 
control vector is a required field in the SCB. 



EID A 16 byte Environment ID of the crypto facility 

where IKU is created. EID is a CF enforced field 
(i.e., the CF verifies that EID equals the value 
stored in the EID register of the CF when a key 
is created and, as appropriate, verifies that EID 
is equal or not equal to the value in the EID 
45 register when an IKU is processed). Note that 

EID may exist in multiple physical devices, 
depending on the number of "cloned" CF Environ- 
ments active at any one time. EID is a required 
field in the SCB. 
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T START 



70 



75 



TEXP 



20 



25 



A 14 Character field with format YYYYMMDDHHMMSS 
containing the date and Coordinated Universal 
Time (UTC) when the IKU becomes active. The 
characters in Tstart are decimal (0 thru 9) and 
are encoded using 8-bit ASCII representation. 
Tstart is a CF enforced field (i.e., the IKU 
cannot be processed unless Tstart has passed) . A 
value of 14 ASCII 'O's denotes that Tstart is 
ignored. Tstart is a required field in the SCB. 

A 14 character field with format YYYYMMDDHHMMSS 
containing the date and Coordinated Universal 
Time (UTC) when the IKU expires. The characters 
in Texp are decimal (0 thru 9) and are encoded 
using 8-bit ASCII representation. Texp is a CF 
enforced field (i.e., the IKU cannot be processed 
when Texp has passed). A value of 14 ASCII •9's 
denotes that Texp is ignored. Texp is a required 
field in the SCB. 



30 



SEQ 



35 



A 4 byte sequence number. Seq is not a CF 
enforced field. The seq field may be used by CFAP 
to record the relative sequence of IKU in a chain 
starting with a "root" IKU. Seq is an optional 
field in the SCB. 



LDID 



40 



45 



50 



Logical Device Identifier (LDID) is the identifier 
of the logical, as opposed to physical, device to 
which IKU belongs. LDID is not a CF enforced 
field. LDID consists of 1 or more name elements 

separated by periods (i.e., xl, x2, x3 is 
stored as xl.x2.x3). Each name element x. is 1 
to 8 characters and is encoded in 8-bit ASCII 
representation. (Note that LDID is the network 
equivalent of EID. ) LDID is an optional field in 
the SCB. 
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LKN Local Key Name (LKN) is the name or local name of 

the key in IKU and is assigned by the "logical" 
device to which IKU belongs. LKN is not a CF 
enforced field. LKN consists of 1 or more name 
elements separated by periods (i.e,, xl, x2 , 
x3 is stored as xl.x2.x3). Each name element 
x^ is 1 to 8 characters and is encoded in 8-bit 
ASCII representation. LDID.LKN and UID»LKN 
constitute global key names that uniquely identify 
a key. LKN is an optional field in the SCB, 

UID User Identifier (UID) is the identifier of the 

user to which IKU belongs. UID is not a CF 
enforced field. UID consists of 1 or more name 
elements x^ separated by periods (i.e., xl, x2 , 
x3 is stored as xl.x2.x3). Each name element 
x^ is 1 to 8 characters and is encoded in 8-bit 
ASCII representation. UID is an optional field, 
in the SCB. 



30 

CLEAR KEY UNIT (CKU) 

The CKU is a clear form of an Internal Key Unit. The Key Unit contains a clear GFPKR and a clear 
CFKAR. The CKU is designed to be a nnultiple of 8 bytes. 
35 The Clear Key Unit has the following form: 



Offset 


Length 


Data 


(in bytes) 


00 


32 


Header (H) 


32 


a 


System control Block (SCB) 


32 + a 


b 


User Control Block (UCB) 


32 + c 


d 


Crypto Facility PKA Key Record (CFPKR), c = a + b 


32 + e 


f 


Crypto Facility Key Authenticator Record (CFKAR), e = c + d 



50 
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51 
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DATA DESCRIPTION 

.5 HEADER The Header (H) contains information necessary to 
parse the CKU. See below. 



10 



15 



20 



30 



35 



40 



45 



50 



SYSTEM CONTROL BLOCK 

The System Control Block (SCB) contains informa- 
tion about the key in CFPKR, including a control 
vector CI. The SCB is managed by the system. 
The SCB is designed to be a multiple of 8 bytes. 
(The SCB form in the CKU is the same as in the 
IKU. ) 



USER CONTROL BLOCK 

The User Control Block (UCB) contains information 
about the key in CFPKR. The UCB is specified by 
25 tJ^e user (or installation). The UCB must be a 

multiple of 8 bytes. (The UCB form in the CKU is 
the same as in the IKU.) 



CRYPTO FACILITY PKA KEY RECORD 

The Crypto Facility PKA Key Record (CFPKR) 
contains a public or private key. 

CRYPTO FACILITY KEY AUTHENTICATOR RECORD 

The Crypto Facility Key Authenticator Record 
(CFKAR) is used by the CF to validate the CFPKR. 

The Header has the following form; 

Offset Length Data 
(in bytes) 



00 32 Header (H) 

00 02 Anti-ISO field (=X'8080') 
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10 



75 



The anti-ISO field is a 2-byte field purposely encoded 
to be invalid as the leading 2 bytes of a data record 
conforming to 'Basic Encoding Rules of ASN.l(ISO 8825)* 

02 01 Record ID (=8*00000110*) 

03 03 Reserved (=3 X ' 00 ' ) 

06 02 SCB-Length - number of 8 byte blocks in SCB. 

Value is coded in binary representation, 
SCB-Length must be > O 
08 02 Reserved (=2 X*00') 

10 02 UCB-Length - number of 8 byte blocks in UCB. 

Value is coded in binary representation. 
UCB-Length must be >= 0 
12 02 Reserved (=2 X ' 00 M 

20 14 02 CFPKR-Length - number of 8 byte blocks in CFPKR. 

Value is coded in binary representation 
CFPKR-Length must be > O 
16 02 reserved (=2 X*00*) 

25 

18 02 CFKAR-Length - number of 8 byte blocks in CFKAR, 

Value is coded in binary representation. 
CFKAR-Length must be > 0 
30 20 12 Reserved (=12 X'OO*) 

32 0 End of Header (H) 



NOTE: The specification for System Control Block, User 
Control Block, Crypto Facility PKA Key Record, and Crypto 
Facility Key Authenticator Record are the same as those for 
the IKU. 

40 

EXTERNAL KEY UNIT (EKU) 

The EKU is an external form of a Key Unit. The Key Unit contains a clear CFPKR and infornnation about 
45 the public or private key in the CFPKR. The EKU has no encrypted or clear CFKAR. The EKU is designed 
to be a multiple of 8 bytes. 

The External Key Unit has the following form: 



Offset 


Length 


Data 


(in bytes) 


00 


32 


Header (H) 


32 


a 


System Control Block (SCB) 


32 + a 


b 


User Control Block (UCB) 


32 + c 


d 


Crypto Facility PKA Key Record (CFPKR), c = a + b 
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DATA DESCRIPTION 

5 HEADER The Header (H) contains information necessary to 
parse the EKU. 

SYSTEM CONTROL BLOCK 

fO 

The System Control Block (SCB) contains in- 
formation about the key in CFPKR, including a 
control vector CI. The SCB is managed by the 
5 system. The SCB is designed to be a multiple of 

8 bytes, (The SCB form in the EKU is the same as 
in the IKU- ) 

0 

USER CONTROL BLOCK 

The User Control Block (UCB) contains information 
about the key in CFPKR, The UCB is specified by 
5 the user (or installation) • The UCB must be a 

multiple of 8 bytes. (The UCB form in the EKU is 
the same as in the IKU. ) 

CRYPTO FACILITY PKA KEY RECORD 

The Crypto Facility PKA Key Record (CFPKR) 
contains a public or private key, although 
ordinarily only public keys occur in an EKU. 

The Header has the following form: 
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15 



20 



Offset Length Data 
(in bytes) 



OQ 32 Header (H) 

00 02 Anti-ISO field (=X'8080') 

The anti-ISO field is a 2-byte field purposely encoded 
10 to be invalid as the leading 2 bytes of a data record 

conforming to 'Basic Encoding Rules of ASN.l(ISO 8825)* 

02 01 Record ID ( =B * 00000111 • ) 

03 03 Reserved (=3 X ' 00 ' ) 

06 02 SCB-Length - number of 8 byte blocks in SCB. 

Value is coded in binary representation. 
SCB-Length must be > 0 
08 02 Reserved (=2 X'OO*) 

10 02 UCB-Length - number of 8 byte blocks in UCB* 

Value is coded in binary representation. 
UCB-Length must be >= 0 
25 12 02 Reserved (=2 X'OO') 

14 02 CFPKR-Length - number of 8 byte blocks in CFPKR. 

Value is coded in binary representation. 
CFPKR-Length must be > 0 

30 

16 02 reserved (=2 X'OO*) 

18 02 Constant (=2 X'OO*) 

20 12 (=12 X'OO' ) 

35 32 0 End of Header (H) 

NOTE: The specification for System Control Block/ User 
Control Block, and Crypto Facility PKA Key Record Record 
are the same as those for the IKU- 



40 



SKELETON KEY UNIT (SKU) 

45 

The SKU is a partially completed Key Unit, The SKU is designed to be a nnultiple of 8 bytes. 
The Skeleton Key Unit has the following form: 



Offset 


Length 


Data 


(in bytes) 


00 


32 


Header (H) 


32 


a 


System Control Block (SCB) 


32 + a 


b 


User Control Block (UCB) 
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DATA DESCRIPTION 

HEADER

The Header (H) contains information necessary to parse the SKU.

SYSTEM CONTROL BLOCK

The System Control Block (SCB) contains information about the key in CFPKR, including a control vector C1. The SCB is managed by the system. The SCB is designed to be a multiple of 8 bytes. The SCB format is the same as that for the IKU.

USER CONTROL BLOCK

The User Control Block (UCB) contains information about the key in CFPKR. The UCB is specified by the user (or installation). The UCB is an optional field in the SKU. The UCB must be a multiple of 8 bytes.



The Header has the following form:

Offset  Length  Data
(in bytes)

00      32      Header (H)
00      02      (=X'8080')
02      04      (=4 X'00')
06      02      SCB-Length - number of 8 byte blocks in SCB. Value is coded in binary representation. SCB-Length must be > 0
08      02      (=2 X'00')
10      02      UCB-Length - number of 8 byte blocks in UCB. Value is coded in binary representation. UCB-Length must be >= 0
12      02      (=2 X'00')
14      02      Constant (=2 X'00')
16      02      (=2 X'00')
18      02      Constant (=2 X'00')
20      12      (=12 X'00')
32      00      End of Header (H)

NOTE: The specifications for System Control Block and User Control Block are the same as those for the IKU.
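The two header layouts above (the EKU header with its Record ID and CFPKR-Length, and the SKU header with those slots fixed at zero) are easy to get wrong in a parser, because a key unit is only a header followed by three variable-length, 8-byte-aligned parts. The following is an added example, not code from the patent: it parses and validates a header, rejecting anything whose anti-ISO field, Record ID, reserved bytes or length fields break the rules in the tables, and computes where the SCB, UCB and CFPKR begin. The sample key units built by `build_unit` are constructed test data, not real key material.

```python
"""Parse and validate the 32-byte Key Unit header of an EKU or SKU.

Added example (not the patent's code). The field layout follows the EKU and
SKU header tables on this page; sample units are constructed for illustration.
"""
import struct
from dataclasses import dataclass

ANTI_ISO = b"\x80\x80"        # X'8080' at offset 0, invalid as a BER prefix
EKU_RECORD_ID = 0b00000111    # Record ID byte of an EKU header
HEADER_LEN = 32


@dataclass
class KeyUnitHeader:
    kind: str           # "EKU" or "SKU"
    scb_blocks: int     # SCB-Length, in 8-byte blocks
    ucb_blocks: int     # UCB-Length, in 8-byte blocks
    cfpkr_blocks: int   # CFPKR-Length, in 8-byte blocks (0 for an SKU)

    # Byte offsets of the variable-length parts that follow the header.
    @property
    def ucb_offset(self) -> int:
        return HEADER_LEN + 8 * self.scb_blocks

    @property
    def cfpkr_offset(self) -> int:
        return self.ucb_offset + 8 * self.ucb_blocks

    @property
    def total_len(self) -> int:
        return self.cfpkr_offset + 8 * self.cfpkr_blocks


def parse_header(unit: bytes, kind: str) -> KeyUnitHeader:
    """Validate the header and return its parsed lengths.

    Every reserved/constant field is checked to be zero and the anti-ISO
    field to be X'8080', so a record that merely resembles a key unit
    (e.g. an ASN.1 BER blob) is rejected rather than misparsed.
    """
    if kind not in ("EKU", "SKU"):
        raise ValueError("kind must be 'EKU' or 'SKU'")
    if len(unit) < HEADER_LEN:
        raise ValueError("key unit shorter than the 32-byte header")
    hdr = unit[:HEADER_LEN]
    if hdr[0:2] != ANTI_ISO:
        raise ValueError("anti-ISO field is not X'8080'")
    # Offsets 2..5 differ between the two unit types.
    if kind == "EKU":
        if hdr[2] != EKU_RECORD_ID:
            raise ValueError("EKU Record ID is not B'00000111'")
        if hdr[3:6] != b"\x00" * 3:
            raise ValueError("reserved bytes 3..5 are not zero")
    elif hdr[2:6] != b"\x00" * 4:
        raise ValueError("SKU bytes 2..5 are not zero")
    # Length fields are 2-byte binary values; the slots between them are zero.
    scb, r8, ucb, r12, cfpkr, r16, c18 = struct.unpack(">7H", hdr[6:20])
    if hdr[20:32] != b"\x00" * 12:
        raise ValueError("bytes 20..31 are not zero")
    if (r8, r12, r16, c18) != (0, 0, 0, 0):
        raise ValueError("reserved/constant length slots are not zero")
    if scb == 0:
        raise ValueError("SCB-Length must be > 0")
    if kind == "EKU" and cfpkr == 0:
        raise ValueError("CFPKR-Length must be > 0 in an EKU")
    if kind == "SKU" and cfpkr != 0:
        raise ValueError("SKU has no CFPKR; bytes 14..15 must be zero")
    h = KeyUnitHeader(kind, scb, ucb, cfpkr)
    if len(unit) != h.total_len:
        raise ValueError(f"unit is {len(unit)} bytes, header implies {h.total_len}")
    return h


def is_valid_unit(unit: bytes, kind: str) -> bool:
    """Boolean wrapper for callers that only need a verdict."""
    try:
        parse_header(unit, kind)
        return True
    except ValueError:
        return False


def build_unit(kind: str, scb: bytes, ucb: bytes, cfpkr: bytes = b"") -> bytes:
    """Assemble a key unit from its parts (constructed test data only)."""
    for part in (scb, ucb, cfpkr):
        if len(part) % 8:
            raise ValueError("SCB, UCB and CFPKR must be multiples of 8 bytes")
    rec_id = bytes([EKU_RECORD_ID]) if kind == "EKU" else b"\x00"
    hdr = ANTI_ISO + rec_id + b"\x00" * 3
    hdr += struct.pack(">7H", len(scb) // 8, 0, len(ucb) // 8, 0,
                       len(cfpkr) // 8, 0, 0)
    hdr += b"\x00" * 12
    return hdr + scb + ucb + cfpkr
```

The check that the unit's actual length equals the length implied by the header is what stops an undersized buffer from being sliced at an offset beyond its end; a parser that trusts the length fields without that comparison reads past the unit.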



CONTROL VECTOR FORMATS AND DESCRIPTIONS

AN OVERVIEW OF PKCD KEY TYPES

Fig. 30 illustrates the PKCD control vector hierarchy. Each PKCD control vector has a CV TYPE field consisting of a main-type and a sub-type. The main-type portion of the CV TYPE field permits broad classes of keys and cryptovariables to be defined, whereas the sub-type portion of the CV TYPE field permits generic key types to be defined within each class, which are more closely associated with the functional use of the key or cryptovariable. The lefthand portion of Fig. 30 illustrates the control vector main-types defined by PKCD. The righthand portion of Fig. 30 illustrates the control vector sub-types defined for each main-type. When no sub-type distinction is made, the key or cryptovariable is generally referred to by its main-type.

The PKCD names ascribed to keys are determined by a concatenation of the names associated with main-type and sub-type. The following keys are defined by PKCD:
o Public Authentication Key
o Public Certification Key
o Public Key Management Key
o Public User Key
o Private Authentication Key
o Private Certification Key
o Private Key Management Key
o Private User Key

GENERAL FORMAT FOR PKA CONTROL VECTORS

The fields defined for one or more control vectors are these:
o ALGORITHM
o ALGORITHM EXTENSION
o ANTIVARIANT ONE
o ANTIVARIANT ZERO
o CV TYPE
o DOMAIN ID
o ECFAR
o ECFER
o EPUK
o EXTENSION
o GADS
o GDS
o GKSP
o HIST-CHAIN
o HIST-DOMAIN ID
o HIST-IPRK
o HIST-IPUK
o HIST-KREGMODE
o HIST-MDC
o ICFER
o IDK
o INSTALLATION
o IPUK
o KREGMODE
o LENGTH
o PARITY
o PR USAGE
o PU USAGE
o RTNKMP/RTCKMP
o SOFTWARE
o TESTZERO
o THRES-MDC
o VALUE/AUTHENTICATOR



A definition of the control vector fields is provided below in alphabetical order:

ALGORITHM (4 BITS)

This field contains an algorithm unique code word which permits the CF to distinguish keys associated with one PKA from another. (The architecture permits the CF to implement multiple PKAs.) Each different PKA is assigned a different code word. The ALGORITHM field is checked before a key is used by the PKA, thus preventing keys associated with one PKA from being used with another PKA. The coding of this field is as follows:
o B'0000' : RSA Algorithm (modulus size from 512 to 2048 bits)
o B'0001'-B'1111' : reserved

ALGORITHM EXTENSION (3 BITS)

This field is an extension of the ALGORITHM field, and the coding is dependent on the value of the ALGORITHM field.

For ALGORITHM field = B'0000', the coding of the ALGORITHM EXTENSION field is as follows:
o B'000' : No restrictions
o B'001' : Public key exponent is 3
o B'010' : Public key exponent is 2**16 + 1
o B'011'-B'111' : reserved

ANTIVARIANT ONE (1 BIT)

This field is a fixed value of B'1'.

ANTIVARIANT ZERO (1 BIT)

This field is a fixed value of B'0'.
CV TYPE (7 BITS)

This field indicates the type of the control vector, which is also the key type of the key with which this control vector is associated. The following key types are defined for PKA keys:
1. B'1110010': Public Authentication Key
2. B'1111010': Private Authentication Key
3. B'1110000': Public Certification Key
4. B'1111000': Private Certification Key
5. B'1110001': Public Key Management Key
6. B'1111001': Private Key Management Key
7. B'1110011': Public User Key
8. B'1111011': Private User Key

Note that the value of the first three bits of the CV TYPE field of PKA control vectors is always B'111', as opposed to other values for DEA control vectors.

DOMAIN ID (4 BITS)

This field contains a domain identifier (an arbitrary value from B'0000' to B'1111' assigned by an installation). The domain ID field of all public and private keys used within a cryptographic instruction must be equal.

ECFAR (1 BIT)

This field indicates whether a private key PR can be used in an ECFAR instruction to generate a digital signature on a CFAR:
o B'0' : cannot
o B'1' : can

ECFER (1 BIT)

In a PRA control vector, this field indicates whether a PRA key can be used in the ECFER instruction to generate a digital signature on an XCFER. In a PUA control vector, this field indicates whether a PUA key can be used to encrypt a CFBDKB.
o B'0' : cannot
o B'1' : can

EPUK (1 BIT)

This field indicates whether a private key can be used in an EPUK instruction to generate a digital signature on an output External Key Unit (EKU).
o B'0' : cannot
o B'1' : can

EXTENSION (2 BITS)

This field indicates whether the control vector is a 64-bit, 128-bit, or > 128-bit control vector. In PKCD, all control vectors are > 128-bit control vectors.
o B'00' : 64 bit control vector base
o B'01' : the control vector is a 128-bit control vector
o B'10' : the control vector is a > 128-bit control vector
o B'11' : reserved
GADS (1 BIT)

This field indicates whether a private key (PRC, PRM or PRU) can be used in a GADS instruction to generate a digital signature.
o B'0' : cannot
o B'1' : can

GDS (1 BIT)

This field indicates whether a private key (PRA, PRC, PRM or PRU) can be used in a GDS instruction to generate a digital signature.
o B'0' : cannot
o B'1' : can

GKSP (1 BIT)

This field indicates whether a key (PRM or PUM) can be used in a GKSP instruction.
o B'0' : cannot
o B'1' : can

HIST-CHAIN (2 BITS)

This field indicates a chain of history of how a public key has been imported in the IPUK instruction.
o B'00' : other (i.e., not B'01', B'10', or B'11')
o B'01' : conditions stated in (a) or (b) must be true:
  - (a) PU in EKU1 is a PUC and is imported via import-mode = 0;
  - (b) PU in EKU1 is a PUC and is imported via import-mode = 1; PU in IKU2 is a PUC with HIST-IPUK = 1 and HIST-CHAIN = 1; PU in EKU1 and PU in IKU2 have same DOMAIN ID.
o B'10' : conditions stated in (c) or (d) must be true:
  - (c) PU in EKU1 is a PUM and is imported via import-mode = 1; PU in IKU2 is a PUC with HIST-IPUK = 1 and HIST-CHAIN = 1; PU in EKU1 and PU in IKU1 have same DOMAIN ID.
  - (d) PU in EKU1 is a PUA and is imported via import-mode = 1; PU in IKU2 is a PUC with HIST-IPUK = 1 and HIST-CHAIN = 1.
o B'11' : conditions stated in (e) must be true:
  - (e) PU in EKU1 is a PUA with HIST-IPUK = 0 and is imported via import-mode = 1; PU in IKU2 is a PUM with HIST-IPUK = 1 and HIST-CHAIN = 2.

NOTE: this field is valid only when HIST-IPUK = B'1'.

HIST-DOMAIN ID (4 BITS)

HIST-DOMAIN ID is a field in a PUA control vector used to record the value of DOMAIN ID in a PUC or PUM control vector. A domain identifier is an arbitrary value from B'0000' to B'1111'. PUA is a key in an EKU imported with IPUK, and PUM or PUC is a key used to validate the digital signature previously generated on the to-be-imported EKU at the sending device.

NOTE: this field is valid only when HIST-IPUK = B'1' and either HIST-CHAIN = B'10' or HIST-CHAIN = B'11'.

HIST-IPRK (1 BIT)

This field indicates whether a private user key has been imported via the IPRK instruction, as follows:
o B'0' : not imported via IPRK
o B'1' : imported via IPRK

HIST-IPUK (1 BIT)

This field indicates whether a public key (PUA, PUC, PUM, or PUU) has been imported via the IPUK instruction, as follows:
o B'0' : not imported via IPUK
o B'1' : imported via IPUK

NOTE: the HIST-MDC and HIST-CHAIN fields in the control vector are valid only when HIST-IPUK in the control vector = B'1'. HIST-KREGMODE is valid only when HIST-IPUK = B'1' and HIST-CHAIN = B'11'.
HIST-KREGMODE (2 BITS)

HIST-KREGMODE is a field in a PUA control vector used to record the value of KREGMODE in a PUM control vector. See also KREGMODE. PUA is a key in an EKU imported with IPUK, and PUM is a key used to validate the digital signature previously generated on the to-be-imported EKU at the sending device.
o B'00' : KREGMODE = B'00' in PUM
o B'01' : KREGMODE = B'01' in PUM
o B'10' : KREGMODE = B'10' in PUM
o B'11' : reserved

NOTE: this field is valid only when HIST-IPUK = B'1' and HIST-CHAIN = B'11'.

HIST-MDC (2 BITS)

This field records IPUK information about a root PU in a chain, as follows:
o B'00' : reserved
o B'01' : root PU was imported in IPUK using MDC-mode = 0 (i.e., no MDC)
o B'10' : root PU was imported in IPUK using MDC-mode = 1 (i.e., with MDC) such that EKUMDC FLAG = B'10'
o B'11' : root PU was imported in IPUK using MDC-mode = 1 (i.e., with MDC) such that EKUMDC FLAG = B'11'

NOTE: this field is valid only when HIST-IPUK = B'1'.

ICFER (1 BIT)

In a PUA control vector, this field indicates whether a PUA key can be used in the ICFER instruction to validate a digital signature on an XCFER. In a PRA control vector, this field indicates whether a PRA key can be used to decrypt an encrypted CFBDKB.
o B'0' : cannot
o B'1' : can

IDK (1 BIT)

This field indicates whether a key (PRM or PUM) can be used in an IDK instruction.
o B'0' : cannot
o B'1' : can

INSTALLATION (7 BITS)

This field represents control vector bits that are controlled/managed entirely by the installation. The INSTALLATION field is not checked/enforced by the hardware (CF).

IPUK (1 BIT)

This field indicates whether a public key can be used in an IPUK instruction to validate a digital signature on an input External Key Unit (EKU).
o B'0' : cannot
o B'1' : can

NOTE: the IPUK usage bit does not control the use of PU in an EKU to validate a signature on that same EKU.

KREGMODE (2 BITS)

This field indicates the method used to register a public key management key (PUM) in a certification center environment.
o B'00' : PUM not registered
o B'01' : PUM registered without restrictions
o B'10' : PUM registered with restrictions
o B'11' : reserved
LENGTH (16 BITS)

This field contains a length value which directly or indirectly determines key length or key size. The coding and interpretation of the LENGTH field is dependent on the ALGORITHM field.

For ALGORITHM = B'0000' (i.e., RSA) the LENGTH field contains a value from 512 to 2048 representing modulus length in bits. Unless elsewhere restricted, the public and private keys can range in length up to the modulus length. The key generator shall ensure that if LENGTH = n, then a modulus is generated such that the value of the modulus is B'1' followed by n-1 zero and one bits.

PARITY (16 BITS)

This is a set of bits in the control vector reserved for use by CFAP and by the algorithm used to calculate the Hash Function h. The PARITY bits are used to set even byte parity on the 128-bit value H = h(C) produced by applying Hash Function h to control vector C.

PR USAGE (7 BITS)

In a PR control vector, PR USAGE consists of architected usage bits and reserved bits. The PR USAGE field is also stored as history information in the associated PU control vector.

The following PR USAGE subfields are defined for a PRA control vector:
o ECFAR (1 bit)
o EPUK (1 bit)
o ECFER (1 bit)
o ICFER (1 bit)
o GDS (1 bit)

The following PR USAGE subfields are defined for a PRC control vector:
o ECFAR (1 bit)
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o EPUK (1 bit)
o GDS (1 bit)
o GADS (1 bit)

The following PR USAGE subfields are defined for a PRM control vector:
o ECFAR (1 bit)
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o EPUK (1 bit)
o GDS (1 bit)
o GKSP (1 bit)
o IDK (1 bit)
o GADS (1 bit)

The following PR USAGE subfields are defined for a PRU control vector:
o ECFAR (1 bit)
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o EPUK (1 bit)
o GDS (1 bit)
o GADS (1 bit)

PU USAGE (7 BITS)

In a PU control vector, PU USAGE consists of architected usage bits and reserved bits. The PU USAGE field is also stored as history information in the associated PR control vector.

The following PU USAGE subfields are defined for a PUA control vector:
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o IPUK (1 bit)
o ECFER (1 bit)
o ICFER (1 bit)

The following PU USAGE subfields are defined for a PUC control vector:
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o IPUK (1 bit)

The following PU USAGE subfields are defined for a PUM control vector:
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o IPUK (1 bit)
o GKSP (1 bit)
o IDK (1 bit)

The following PU USAGE subfields are defined for a PUU control vector:
o RTNPMK/RTCPMK (1 bit), reserved (= B'1')
o IPUK (1 bit)
RTNKMP/RTCKMP (1 BIT)

This field indicates whether a public or private key can be reenciphered in an RTNKMP or RTCKMP instruction:
o B'0' : cannot
o B'1' : can

NOTE: This field has a fixed value of B'1', and is enforced in the GDAK and GPUPR instructions.

SOFTWARE (6 BITS)

This field represents control vector bits that are controlled/managed entirely by CFAP. The SOFTWARE field is not checked/enforced by the hardware (CF).

TESTZERO (3 BITS)

This field is reserved by the CF and tested for zero. That is, TESTZERO must equal B'000'.

THRES-MDC (2 BITS)

This field is used in a PRMa control vector to establish a threshold on HIST-MDC in a corresponding PUMb control vector. The PRMa and PUMb are used together in a GKSP or IDK instruction. Note that "a" represents this device and "b" another device.
o B'00' : reserved
o B'01' : HIST-MDC must be >= B'01'
o B'10' : HIST-MDC must be >= B'10'
o B'11' : HIST-MDC must be = B'11'

VALUE/AUTHENTICATOR (1 BIT)

The VALUE/AUTHENTICATOR field is reserved for use by the algorithm used to calculate the Hash Function h.

The layout of control vectors for all PKCD keys is described in Figs. 31 through 38, inclusive.

GENERAL FORMAT FOR THE HASH VECTOR

A definition of the hash vector fields is provided below in alphabetical order:

ANTIVARIANT ONE (1 BIT)

This field is a fixed value of B'1'.

ANTIVARIANT ZERO (1 BIT)

This field is a fixed value of B'0'.

EXTENSION (2 BITS)

This field indicates whether the hash vector is produced from a 64-bit, 128-bit, or > 128-bit control vector. In PKCD, all hash vectors are produced from > 128-bit control vectors.
o B'00' : hash vector produced from 64 bit control vector
o B'01' : hash vector produced from 128-bit control vector
o B'10' : hash vector produced from > 128-bit control vector
o B'11' : reserved

HASH (107 BITS)

This field is derived from the Modification Detection Code (MDC) produced by using the MDC-2 hash algorithm. The HASH field consists of bits 00..06, 08..14, 16..22, 24..29, 32..37, 40..44, 48..54, 56..61, 64..70, 72..78, 80..86, 88..94, 96..102, 104..110, 112..118, 120..126 from the MDC.

PARITY (16 BITS)

The PARITY bits are used to set even byte parity on the 128-bit hash vector.

VALUE/AUTHENTICATOR (1 BIT)

The VALUE/AUTHENTICATOR field indicates whether the hash vector is associated with a value or an authenticator, as follows:
o B'0' : value
o B'1' : authenticator

The layout of the Hash vector is described in Fig. 39.
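The HASH bit ranges above leave exactly 21 of the 128 MDC positions unused: one per byte at the low-order end (16 positions, which is what the 16-bit PARITY field needs to set even byte parity) and five more (bits 30, 38, 45, 46 and 62), which is what the two ANTIVARIANT bits, the 2-bit EXTENSION and the VALUE/AUTHENTICATOR bit need. The following added example (not the patent's code) works that arithmetic through and assembles a hash vector from a 128-bit MDC. Which of the five free positions holds which fixed field is given by Fig. 39, not by this page, so the assignment in the code is an assumption of the example; the parity positions are inferred from the ranges as just described; and the MDC value in the test is a constructed sample, not MDC-2 output.

```python
"""Build the PKCD hash vector from a 128-bit MDC (added example, not the
patent's code; the placement of the five fixed fields is assumed)."""

# Bit ranges (inclusive, bits numbered 0..127 from the first byte's MSB),
# copied from the HASH (107 BITS) definition above.
HASH_RANGES = [(0, 6), (8, 14), (16, 22), (24, 29), (32, 37), (40, 44),
               (48, 54), (56, 61), (64, 70), (72, 78), (80, 86), (88, 94),
               (96, 102), (104, 110), (112, 118), (120, 126)]
HASH_BITS = [b for lo, hi in HASH_RANGES for b in range(lo, hi + 1)]
# Inferred: the low-order bit of every byte carries the PARITY field.
PARITY_BITS = [8 * i + 7 for i in range(16)]
# Whatever is neither HASH nor PARITY must hold the five fixed fields.
FIXED_BITS = sorted(set(range(128)) - set(HASH_BITS) - set(PARITY_BITS))
# Assumed placement of those fields (Fig. 39 is not on this page).
ANTIVARIANT_ONE, EXTENSION_HI, EXTENSION_LO, ANTIVARIANT_ZERO, VALUE_AUTH = FIXED_BITS


def get_bit(data: bytes, i: int) -> int:
    """Bit i of a byte string, numbered from the first byte's MSB."""
    return (data[i // 8] >> (7 - i % 8)) & 1


def set_bit(data: bytearray, i: int, value: int) -> None:
    mask = 1 << (7 - i % 8)
    data[i // 8] = (data[i // 8] | mask) if value else (data[i // 8] & ~mask)


def set_even_byte_parity(data: bytearray) -> None:
    """Rewrite the low-order bit of each byte so the byte has even parity."""
    for i, byte in enumerate(data):
        ones = bin(byte >> 1).count("1")
        data[i] = (byte & 0xFE) | (ones & 1)


def hash_vector(mdc: bytes, authenticator: bool) -> bytes:
    """Assemble the 128-bit hash vector: the 107 HASH bits copied from the
    MDC, the fixed fields (EXTENSION = B'10' since every PKCD control vector
    is > 128 bits), then even byte parity."""
    if len(mdc) != 16:
        raise ValueError("an MDC-2 output is 128 bits")
    hv = bytearray(16)
    for i in HASH_BITS:
        set_bit(hv, i, get_bit(mdc, i))
    set_bit(hv, ANTIVARIANT_ONE, 1)
    set_bit(hv, ANTIVARIANT_ZERO, 0)
    set_bit(hv, EXTENSION_HI, 1)
    set_bit(hv, EXTENSION_LO, 0)
    set_bit(hv, VALUE_AUTH, 1 if authenticator else 0)
    set_even_byte_parity(hv)
    return bytes(hv)


def has_even_byte_parity(data: bytes) -> bool:
    return all(bin(b).count("1") % 2 == 0 for b in data)
```

The point of carrying the fixed bits and parity inside the vector is that a hash vector with any of those 21 positions wrong is detectably malformed before the 107 hash bits are ever compared.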

INSTRUCTION PROCESSING

INSTRUCTION SET

The CF instructions may be logically divided into eight functional categories:

CF INITIALIZATION

These instructions support various CF initialization, including the PKA master key.

CF CONFIGURATION

This instruction is used to load a configuration vector into the CF.

CF AUDIT

This instruction is used to export the nonsecret portion of the CF environment.

CF CONTROL

These instructions are used to control instruction execution and to change CF state.

CKDS UPDATE

These instructions are used to reencipher the keys in a CKDS from a current to a new, or an old to a current, PKA master key.

KEY MANAGEMENT

These instructions are used to generate, export, and import PKCD PKA keys. They are also used to generate and import DEA key-encrypting keys.

SYSTEM DIGITAL SIGNATURES

These instructions are used to generate and verify system digital signatures.

APPLICATION DIGITAL SIGNATURES

These instructions are used to generate and verify application digital signatures.

CRYPTO FACILITY BACKUP

These instructions are used to export and import a CF environment.

UTILITY

These instructions provide miscellaneous cryptographic functions.
The instructions are listed by group in the following table:

Table 1.

INSTRUCTION NAME                               INSTRUCTION MNEMONIC

CF INITIALIZATION:
  Load Physical Identifier                     LPID
  Generate Device Authentication Key Pair      GDAK
  Load First PKA Master Key Part               LFPMKP
  Combine PKA Master Key Parts                 CPMKP
  Generate New PKA Master Key                  GNPMK
  Generate New DEA Master Key                  GNDMK
  Set PKA Master Key                           SPMK
  Load MDC For Public Certification Key        LMDCC
  Load MDC                                     LMDC
  Initialize Pseudo Random Number Generator    IPRNG

CF CONFIGURATION:
  Load Configuration Vector                    LCV

CF AUDIT:
  Export Crypto Facility Audit Record          ECFAR

CF CONTROL:
  Enter Preinit State                          EPS
  Enter Init State                             EIS
  Enter Run State                              ERS
  Clear New PKA Master Key Register            CLNPMK
  Clear Old PKA Master Key Register            CLOPMK
  Set Authorization Flag                       SAF
  Set Enable Flag                              SEF

CKDS UPDATE:
  Reencipher to New PKA Master Key             RTNPMK
  Reencipher to Current PKA Master Key         RTCPMK

KEY MANAGEMENT:
  Generate Public and Private Key Pair         GPUPR
  Export Public Key                            EPUK
  Import Public Key                            IPUK
  Import Private Key                           IPRK
  Generate Key Set PKA                         GKSP
  Import DEA Key                               IDK
  Verify Internal Key Unit                     VIKU

SYSTEM DIGITAL SIGNATURES:
  Generate Digital Signature                   GDS
  Verify Digital Signature                     VDS

APPLICATION DIGITAL SIGNATURES:
  Generate Application Digital Signature       GADS
  Verify Application Digital Signature         VADS

CRYPTO FACILITY BACKUP:
  Export Crypto Facility Environment Record    ECFER
  Import Crypto Facility Environment Record    ICFER

UTILITY:
  Set and Reset Alarm                          SRALM
Load Physical Device ID (LPID)

EQUATION:

PID /128b/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS    DESCRIPTION
PID       A 128 bit physical identifier of a device.

OUTPUTS   DESCRIPTION
CC        Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Load Physical Device ID instruction permits a 128 bit physical identifier of a device to be loaded into the CF and stored in the DID and BID registers. Execution of the LPID instruction causes the DID flag to be set to the "full" state. The instruction executes only when the DID flag is in the "empty" state. (Note that an EPS instruction must be executed in order to reset the DID flag to the "empty" state.) The DID flag serves two purposes: (a) it controls execution of the LPID instruction, and (b) it indicates whether the DID and BID registers have or have not been initialized.

The value of PID stored in the DID register is the PID value associated with PUA and PRA (i.e., the PUA and PRA of that device).

The value of PID stored in the BID register serves two purposes: (a) it is the value stored in the [...]; (b) it is the value stored in a DEA key record, which is used by the GKSP and IDK instructions as an antireimport value.

The 16 byte PID consists of an 8 byte network part and an 8 byte node part. The 8 byte node part uniquely identifies the node within a network. The 8 byte network part uniquely identifies the network. The objective is to arrive at a naming convention that will ensure unique PID values from one network to another. One possibility is for the 8 byte network part to be registered (e.g., with an IBM registration center).

The ECFAR instruction can be used by CFAP to read the contents of the DID and BID registers.

For reasons of security, the LPID instruction is architected such that the DID register contents cannot be changed without erasing the contents of the PUA and PRA buffers (i.e., a different PID can't be assigned to [...]). The ICFER instruction is architected such that the BID register contents cannot be changed without reinitializing the CKMP register with a new key. Otherwise, use of the EID buffer as an anti-reimport value would be ineffective.

The LPID instruction executes only in the "preinit" state.
Generate Device Authentication Key Pair (GDAK)

EQUATION:

C1 /128 bits/
C2 /128 bits/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS    DESCRIPTION
C1        A 128 bit control vector associated with the generated public authentication key PUA.
C2        A 128 bit control vector associated with the generated private authentication key PRA.

OUTPUTS   DESCRIPTION
CC        Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Generate Device Authentication Key Pair instruction generates a public and private authentication key pair, PUA and PRA. The generated keys are stored in the PUA buffer and PRA buffer in the CF, respectively, as Crypto Facility PKA Key Record 1 (CFPKR1) and Crypto Facility PKA Key Record 2 (CFPKR2). The 128 bit control vectors associated with PUA and PRA are specified to the GDAK instruction as inputs C1 and C2, respectively. The control vectors specify the public key algorithm and other algorithm related information necessary for key generation. Consistency checking is performed on C1 and C2. For example, the ALGORITHM, ALGORITHM EXTENSION, and LENGTH fields in C1 and C2 must match.

Execution of the GDAK instruction causes the GDAK FLAG in the state vector to be set to the "full" state from the "empty" state. The instruction executes only when the GDAK FLAG is in the "empty" state. (Note that the EPS instruction must be executed to reset the GDAK FLAG to the "empty" state.)

The GDAK FLAG serves two purposes: (a) it controls execution of the GDAK instruction, and (b) it indicates when the PUA and PRA buffers have been initialized.

The GDAK instruction executes only in the "preinit" state.

FUNCTIONAL SPECIFICATION:

1. Perform input parameter consistency checking: None.
2. Perform state vector checking:
   a. Verify that CF STATE in the state vector is in the "preinit" state.
   b. Verify that GDAK FLAG in state vector is in the "empty" state.
   Continue if checking succeeds; otherwise set CC status flag and jump to step 8.
3. Perform control vector checking. Continue if checking succeeds; otherwise set CC status flag and jump to step 8.
4. Store control vectors:
   a. Store C1 in PUACV Register
   b. Store C2 in PRACV Register
5. Generate a pair of cryptographic facility PKA records cfpkr1 and cfpkr2 of length s1 and s2, respectively, where s1 and s2 are pre-selected values that indicate the number of 8 byte blocks.
6. Store generated keys and lengths:
   a. Store s1 in PUA Buffer Length field in CF Environment.
   b. Store cfpkr1 in PUA Buffer in CF Environment.
   c. Store s2 in PRA Buffer Length field in CF Environment.
   d. Store cfpkr2 in PRA Buffer in CF Environment.
7. Perform state vector update.
   a. Set GDAK FLAG to the "full" state.
8. Produce output CC from CC status flags.

CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control vector checking:

1. Checking on C1 (associated with PUA):
   a. Verify CV TYPE = 'public authentication key'
   b. Note: checking on CV TYPE EXTENSION has been deleted.
   c. Verify RTNKMP/RTCKMP usage bit = B'1'
   d. Perform Control Vector Validate on C1 to validate certain fields in C1.
   e. Verify RC1 = 0.
   If any of the above checking fails then stop the control vector checking and issue a condition code to indicate that C1 is not valid.
2. Checking on C2 (associated with PRA):
   a. Verify CV TYPE = 'private authentication key'
   b. Perform Control Vector Validate on C1 to validate certain fields in C1.
   c. Verify RC1 = 0.
   If any of the above checking fails then stop the control vector checking and issue a condition code to indicate that C2 is not valid.
3. Checking on C1 and C2:
   a. Note: checking on CV TYPE EXTENSION has been deleted.
   b. Verify ALGORITHM in C1 = ALGORITHM in C2
   c. Verify ALGORITHM EXTENSION in C1 = ALGORITHM EXTENSION in C2
   d. Verify LENGTH in C1 = LENGTH in C2
   e. Verify PR USAGE in C1 = PR USAGE in C2
   f. Verify PU USAGE in C1 = PU USAGE in C2
   If any of the above checking fails then stop the control vector checking and issue a condition code to indicate that cross checking among control vectors has failed.

Note that there is no cross checking on (1) DOMAIN ID since this field is not implemented in the PUA and PRA control vectors.
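The control vector field definitions earlier on this page and the GDAK control vector checking just listed are two halves of the same mechanism: the fixed-value rules (ALGORITHM codes, CV TYPE codes, RTNKMP/RTCKMP = B'1', TESTZERO = B'000', the architected PR USAGE / PU USAGE bits) decide whether a vector is well formed, and the usage bits decide whether the key it describes may be used in a given instruction. The following is an added example, not the patent's code, that models both and implements the three GDAK checking steps over that model. The bit positions of the fields inside the 128-bit vector come from Figs. 31 through 38, which are not on this page, so the vector is represented as a record of named fields rather than a packed bit string; the control vectors in the test are constructed.

```python
"""Control vector validation, usage checks and GDAK cross-checking.

Added example, not the patent's code. Field layout inside the 128-bit
vector is not modelled (Figs. 31-38); only the values and rules stated in
the text are.
"""
from dataclasses import dataclass

# CV TYPE codes (7 bits) from the CV TYPE definition.
CV_TYPES = {"PUA": 0b1110010, "PRA": 0b1111010, "PUC": 0b1110000,
            "PRC": 0b1111000, "PUM": 0b1110001, "PRM": 0b1111001,
            "PUU": 0b1110011, "PRU": 0b1111011}
TYPE_NAMES = {code: name for name, code in CV_TYPES.items()}
ALG_RSA = 0b0000

# Architected usage bits per key type, from the PR USAGE and PU USAGE lists.
# RTNPMK/RTCPMK is a reserved bit fixed at B'1' and is modelled separately.
PR_USAGE = {"PRA": {"ECFAR", "EPUK", "ECFER", "ICFER", "GDS"},
            "PRC": {"ECFAR", "EPUK", "GDS", "GADS"},
            "PRM": {"ECFAR", "EPUK", "GDS", "GKSP", "IDK", "GADS"},
            "PRU": {"ECFAR", "EPUK", "GDS", "GADS"}}
PU_USAGE = {"PUA": {"IPUK", "ECFER", "ICFER"}, "PUC": {"IPUK"},
            "PUM": {"IPUK", "GKSP", "IDK"}, "PUU": {"IPUK"}}


@dataclass(frozen=True)
class ControlVector:
    cv_type: int
    pr_usage: frozenset            # PR USAGE bits that are set
    pu_usage: frozenset            # PU USAGE bits that are set
    algorithm: int = ALG_RSA
    algorithm_extension: int = 0   # B'000' none, B'001' e=3, B'010' e=2**16+1
    length: int = 1024             # RSA modulus length in bits, 512..2048
    domain_id: int = 0             # B'0000'..B'1111'
    rtnkmp_rtckmp: int = 1         # fixed at B'1'
    testzero: int = 0              # must be B'000'

    @property
    def key_type(self) -> str:
        return TYPE_NAMES[self.cv_type]

    @property
    def own_usage(self) -> frozenset:
        """The usage set that governs this key; the other set is history."""
        return self.pr_usage if self.key_type.startswith("PR") else self.pu_usage


def validate(cv: ControlVector) -> list:
    """Fixed-value and range rules stated in the field definitions."""
    if cv.cv_type not in TYPE_NAMES:
        return ["CV TYPE is not a PKA key type"]
    errors = []
    if cv.algorithm != ALG_RSA:
        errors.append("ALGORITHM code is reserved")
    if cv.algorithm_extension not in (0b000, 0b001, 0b010):
        errors.append("ALGORITHM EXTENSION code is reserved")
    if not 512 <= cv.length <= 2048:
        errors.append("LENGTH outside 512..2048 bits for RSA")
    if not 0 <= cv.domain_id <= 0b1111:
        errors.append("DOMAIN ID is not a 4-bit value")
    if cv.testzero != 0:
        errors.append("TESTZERO is not B'000'")
    if cv.rtnkmp_rtckmp != 1:
        errors.append("RTNKMP/RTCKMP is not B'1'")
    architected = (PR_USAGE if cv.key_type.startswith("PR") else PU_USAGE)[cv.key_type]
    stray = cv.own_usage - architected
    if stray:
        errors.append(f"usage bits not architected for {cv.key_type}: {sorted(stray)}")
    return errors


def permits(cv: ControlVector, instruction: str) -> bool:
    """Usage check a CF applies before a key is used: a malformed vector
    never grants a use, and the instruction's usage bit must be set."""
    return not validate(cv) and instruction in cv.own_usage


def same_domain(*cvs: ControlVector) -> bool:
    """DOMAIN ID of every key used within one instruction must be equal."""
    return len({cv.domain_id for cv in cvs}) == 1


def gdak_check(c1: ControlVector, c2: ControlVector) -> list:
    """GDAK control vector checking, steps 1-3; an empty list means success."""
    errors = []
    if c1.cv_type != CV_TYPES["PUA"]:
        errors.append("C1: CV TYPE is not 'public authentication key'")
    errors += ["C1: " + e for e in validate(c1)]
    if c2.cv_type != CV_TYPES["PRA"]:
        errors.append("C2: CV TYPE is not 'private authentication key'")
    errors += ["C2: " + e for e in validate(c2)]
    if errors:
        return errors
    # Step 3: both vectors must agree on algorithm, key size and usage; each
    # carries the partner key's usage as history, so both sets are compared.
    for name in ("algorithm", "algorithm_extension", "length", "pr_usage", "pu_usage"):
        if getattr(c1, name) != getattr(c2, name):
            errors.append(f"cross check failed: {name.upper()} differs between C1 and C2")
    return errors
```

Note that `permits` refuses a use whenever `validate` reports anything, so a usage bit set on a vector whose other fields are wrong grants nothing; this is the order the GDAK steps follow as well (steps 1 and 2 before step 3).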
Load First PKA Master Key Part (LFPMKP)

EQUATION:

input-mode /1b minimum/
<key-part> /128b/ ; if input-mode=0
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS       DESCRIPTION
INPUT-MODE   specifies how the key part to be processed is supplied to the instruction.
             o 0 : the key part is passed via the instruction interface, i.e., via input parameter key-part.
             o 1 : the key part is retrieved from the internal KP register.
KEY-PART     128 bit key part. This parameter is required only when input-mode=0.

OUTPUTS      DESCRIPTION
CC           Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Load First PKA Master Key Part instruction loads the first part of the PKA master key (KMP) into the NKMP (New PKA Master Key) register. An input-mode parameter indicates whether the loaded key part is passed as an input parameter at the instruction interface or whether it is retrieved from the internal KP register. The NKMP flag is set to the "partially full" state from the "empty" state and the NKMP History Flag is set to 0 (indicating that the contents of the NKMP register were loaded via the LFPMKP instruction). If input-mode = 1, the operation is performed only if the KP flag is in the "full" state, in which case the KP flag is set to the "empty" state. The operation is performed only if the NKMP flag is in the "empty" state.

NOTE: If input-mode = 1, it is assumed that prior to the execution of this instruction the first PKA master key part has been entered into the key part register via a key-entry device, keyboard, etc., which, optionally, may operate only in a special authorized mode (e.g., supersecure mode enabled via a physical key-activated switch).

The LFPMKP instruction executes only in the "run" state.
Combine PKA Master Key Parts (CPMKP)

EQUATION:

input-mode /1b minimum/
mode /1b minimum/
<key-part> /128b/ ; if input-mode=0
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS       DESCRIPTION
INPUT-MODE   specifies how the key part to be processed is supplied to the instruction.
             o 0 : the key part is passed via the instruction interface, i.e., via input parameter key-part.
             o 1 : the key part is retrieved from the internal KP register.
MODE         indicates whether the PKA master key part in the key part register is an intermediate key part or a last key part.
             o 0 : intermediate key part
             o 1 : last key part
KEY-PART     128 bit key part. This parameter is required only when input-mode=0.

OUTPUTS      DESCRIPTION
CC           Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Combine PKA Master Key Parts instruction Exclusive ORs a PKA master key part with the PKA master key part stored in the NKMP register and stores the result in the NKMP register. An input-mode parameter indicates whether the loaded key part is passed as an input parameter at the instruction interface or whether it is retrieved from the internal KP register. The NKMP flag is set to the "full" state if mode = 1 or to the "partially full" state if mode = 0. For mode = 1, the CPMKP instruction ensures that the produced value of KMP has odd parity (odd parity adjusted, if necessary) and that the left and right 64 bit parts of KMP are not equal. If input-mode = 1, the operation is performed only if the KP flag is in the "full" state, in which case the KP flag is set to the "empty" state. The operation is performed only if the NKMP flag is in the "partially full" state and the NKMP History flag is zero. The instruction has no output.

NOTE: If input-mode = 1, it is assumed that prior to the execution of this instruction a PKA master key part has been entered into the key part register via a key-entry device, keyboard, etc., which, optionally, may operate only in a special authorized mode (e.g., supersecure mode enabled via a physical key-activated switch).

The CPMKP instruction executes only in the "run" state.
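LFPMKP and CPMKP together form a small state machine over the NKMP register: LFPMKP may only start a load into an "empty" register, CPMKP may only continue a load that LFPMKP started (NKMP "partially full" and History flag zero), and the last part is what triggers odd parity adjustment and the unequal-halves check. The following added example (not the patent's code) models that state machine, the KP register path selected by input-mode, and the GNPMK instruction described next, which fills the same register directly. The random source for GNPMK is injectable so the test is deterministic; all key parts in the test are constructed values, not real key material.

```python
"""NKMP register loading: LFPMKP, CPMKP and GNPMK as a state machine.

Added example, not the patent's code. Flags and conditions follow the
instruction descriptions on this page; key parts in the test are constructed.
"""
import os
from dataclasses import dataclass
from typing import Callable, Optional


def odd_parity_adjust(key: bytes) -> bytes:
    """Force odd parity on every byte by rewriting its low-order bit."""
    out = bytearray()
    for b in key:
        ones = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (0 if ones & 1 else 1))
    return bytes(out)


def halves_differ(key: bytes) -> bool:
    """The left and right 64 bit parts of KMP must not be equal."""
    return key[:8] != key[8:]


@dataclass
class CryptoFacility:
    """The subset of CF state that the three instructions touch."""
    nkmp: bytes = bytes(16)
    nkmp_flag: str = "empty"            # "empty", "partially full", "full"
    nkmp_history: int = 0               # 0: loaded via LFPMKP, 1: via GNPMK
    kp: bytes = bytes(16)               # key part register (key-entry device)
    kp_flag: str = "empty"              # "empty" or "full"
    cf_state: str = "run"
    rng: Callable[[int], bytes] = os.urandom

    def _key_part(self, input_mode: int, key_part: Optional[bytes]) -> Optional[bytes]:
        """Resolve the key part per input-mode without changing any state."""
        if input_mode == 0:
            if key_part is None or len(key_part) != 16:
                raise ValueError("key-part must be 128 bits when input-mode=0")
            return key_part
        return self.kp if self.kp_flag == "full" else None

    def lfpmkp(self, input_mode: int, key_part: Optional[bytes] = None) -> str:
        """Load First PKA Master Key Part; returns a condition code string."""
        if self.cf_state != "run":
            return "CC: not in run state"
        if self.nkmp_flag != "empty":
            return "CC: NKMP flag is not empty"
        part = self._key_part(input_mode, key_part)
        if part is None:
            return "CC: KP flag is not full"
        self.nkmp = part
        self.nkmp_flag = "partially full"
        self.nkmp_history = 0
        if input_mode == 1:
            self.kp_flag = "empty"
        return "OK"

    def cpmkp(self, input_mode: int, mode: int, key_part: Optional[bytes] = None) -> str:
        """Combine PKA Master Key Parts: XOR the part into NKMP. mode=1 marks
        the last part, after which KMP is parity adjusted and checked."""
        if self.cf_state != "run":
            return "CC: not in run state"
        if self.nkmp_flag != "partially full" or self.nkmp_history != 0:
            return "CC: NKMP is not partially full via LFPMKP"
        part = self._key_part(input_mode, key_part)
        if part is None:
            return "CC: KP flag is not full"
        combined = bytes(a ^ b for a, b in zip(self.nkmp, part))
        if mode == 1:
            combined = odd_parity_adjust(combined)
            if not halves_differ(combined):
                return "CC: left and right halves of KMP are equal"
            self.nkmp_flag = "full"
        self.nkmp = combined
        if input_mode == 1:
            self.kp_flag = "empty"
        return "OK"

    def gnpmk(self) -> str:
        """Generate New PKA Master Key: random, odd parity, unequal halves."""
        if self.cf_state != "run":
            return "CC: not in run state"
        if self.nkmp_flag != "empty":
            return "CC: NKMP flag is not empty"
        candidate = odd_parity_adjust(self.rng(16))
        while not halves_differ(candidate):
            candidate = odd_parity_adjust(self.rng(16))
        self.nkmp = candidate
        self.nkmp_flag = "full"
        self.nkmp_history = 1
        return "OK"
```

Because CPMKP requires the History flag to be zero, a register filled by GNPMK cannot be "continued" with further parts, and because LFPMKP requires "empty", neither instruction can overwrite a loaded NKMP; only EPS, which resets the flags, reopens the register.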



Generate New PKA Master Key (GNPMK)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Generate New PKA Master Key instruction causes a 128 bit odd parity adjusted random number to be generated and stored in the NKMP register. The left and right 64 bit parts of the generated key must be unequal. The instruction executes only if the NKMP flag is in the "empty" state. Successful execution of the GNPMK instruction causes the NKMP flag to be set to the "full" state from the "empty" state and the NKMP History flag to be set := B'1'.

The GNPMK instruction executes only in the "run" state.

Generate New DEA Master Key (GNDMK)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Generate New DEA Master Key instruction causes a 128 bit odd parity adjusted random number to be generated and stored in the new master key register (i.e., the NKM register). The left and right 64 bit parts of the generated key must be unequal. The instruction executes only if the NKM flag is in the "empty" state. Successful execution of the GNDMK instruction causes the NKM flag to be set to the "full" state from the "empty" state.

The GNDMK instruction executes only in the "run" state.

Set PKA Master Key (SPMK)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Set PKA Master Key instruction transfers the contents of the CKMP register into the OKMP register and then transfers the contents of the NKMP register into the CKMP register. This instruction operates only if the NKMP flag (new PKA master key flag) is in the "full" state and the left and right 64 bit parts of the key stored in the NKMP register are unequal. Also, if the CKMP flag is in the "full" state and CKMP HISTORY = 1, then the instruction operates only if NKMP HISTORY = 1. This guarantees that a CF-generated KMP can't be replaced by a CFAP-supplied KMP.

The SPMK instruction is used to activate a new KMP after the RTNPMK instruction has been used to reencipher encrypted records in the CKDS from encryption under the current KMP to a new KMP.

The SPMK instruction executes only in the "run" state.
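The CPMKP, GNPMK and SPMK rules above form one lifecycle for the PKA master key registers. The following is an added example, not code from the patent, that models that lifecycle in Python. Assumptions: the first key part is loaded by an LFPMKP-like step that is only named on this page (modelled as storing the part and marking NKMP "partially full"); odd parity is the DES convention with the parity bit in each byte's least significant bit; after SPMK the NKMP register is marked "empty" and the history flag travels with the key.

```python
import secrets

KEY_BYTES = 16  # 128 bit PKA master key

def odd_parity_adjust(key: bytes) -> bytes:
    """Force odd parity per byte, parity in the least significant bit (assumed DES convention)."""
    out = bytearray(key)
    for i, b in enumerate(out):
        upper_ones = bin(b >> 1).count("1")
        out[i] = (b & 0xFE) | (1 if upper_ones % 2 == 0 else 0)
    return bytes(out)

def has_odd_parity(key: bytes) -> bool:
    return all(bin(b).count("1") % 2 == 1 for b in key)

def halves_unequal(key: bytes) -> bool:
    """The left and right 64 bit parts of a KMP must differ."""
    return key[:8] != key[8:]

class PkaMasterKeyRegisters:
    """NKMP (new), CKMP (current) and OKMP (old) registers with their flags."""
    def __init__(self):
        self.reg = {"NKMP": None, "CKMP": None, "OKMP": None}
        self.flag = {"NKMP": "empty", "CKMP": "empty", "OKMP": "empty"}
        self.history = {"NKMP": 0, "CKMP": 0}   # 1 = generated inside the CF by GNPMK

    def lfpmkp(self, part: bytes) -> str:
        """Assumed first-part load (LFPMKP is only named on this page): NKMP empty -> partially full."""
        if self.flag["NKMP"] != "empty" or len(part) != KEY_BYTES:
            return "CC=fail: NKMP register not empty"
        self.reg["NKMP"], self.flag["NKMP"], self.history["NKMP"] = part, "partially full", 0
        return "CC=ok"

    def cpmkp(self, part: bytes, mode: int) -> str:
        """CPMKP: XOR a further key part into NKMP; mode 1 marks the last part."""
        if self.flag["NKMP"] != "partially full" or self.history["NKMP"] != 0:
            return "CC=fail: NKMP not partially full, or holds a CF-generated key"
        if len(part) != KEY_BYTES or mode not in (0, 1):
            return "CC=fail: bad key part or mode"
        combined = bytes(a ^ b for a, b in zip(self.reg["NKMP"], part))
        if mode == 1:
            combined = odd_parity_adjust(combined)
            if not halves_unequal(combined):
                return "CC=fail: left and right 64 bit parts of KMP are equal"
            self.flag["NKMP"] = "full"
        self.reg["NKMP"] = combined
        return "CC=ok"

    def gnpmk(self) -> str:
        """GNPMK: the CF generates the new KMP itself and records that fact (history := 1)."""
        if self.flag["NKMP"] != "empty":
            return "CC=fail: NKMP register not empty"
        key = odd_parity_adjust(secrets.token_bytes(KEY_BYTES))
        while not halves_unequal(key):                     # regenerate the rare bad draw
            key = odd_parity_adjust(secrets.token_bytes(KEY_BYTES))
        self.reg["NKMP"], self.flag["NKMP"], self.history["NKMP"] = key, "full", 1
        return "CC=ok"

    def spmk(self) -> str:
        """SPMK: CKMP -> OKMP and NKMP -> CKMP, subject to the history rule."""
        if self.flag["NKMP"] != "full" or not halves_unequal(self.reg["NKMP"]):
            return "CC=fail: no valid new KMP"
        # A CF-generated current KMP may only be replaced by another CF-generated KMP,
        # so a CFAP-entered key can never displace one the CF chose itself.
        if self.flag["CKMP"] == "full" and self.history["CKMP"] == 1 and self.history["NKMP"] != 1:
            return "CC=fail: CF-generated KMP cannot be replaced by a CFAP-supplied KMP"
        self.reg["OKMP"], self.flag["OKMP"] = self.reg["CKMP"], self.flag["CKMP"]
        self.reg["CKMP"], self.flag["CKMP"] = self.reg["NKMP"], "full"
        self.history["CKMP"] = self.history["NKMP"]
        # Assumed: the new-key register is free again once its key has been activated.
        self.reg["NKMP"], self.flag["NKMP"], self.history["NKMP"] = None, "empty", 0
        return "CC=ok"
```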

Load MDC For Public Certification Key (LMDCC)

EQUATION:

index-value /4b/
MDC-value /128b/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

INDEX-VALUE A 5 bit field containing an index value from 0 to 15.

MDC-VALUE A 128 bit modification detection code to be loaded into one of 16 128-bit storage locations in MDC Table, designated as EKUMDC(0), ..., EKUMDC(15).

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Load MDC For Public Certification Key instruction permits a 128 bit MDC, designated MDC-value, to be loaded and stored in the CF in one of 16 possible storage locations in MDC Table, designated as EKUMDC(0), ..., EKUMDC(15). MDC-value is stored in EKUMDC(i), where i is the value of index-value. MDC-value contains an MDC calculated on an External Key Unit (EKU) using one of several possible hashing algorithms (see the hash-rule parameter of the IPUK instruction). The EKU must contain a public certification key PUC. (The fact that EKU contains a public certification key is verified when EKU is imported using the IPUK instruction.) The Load MDC For Public Certification Key instruction sets EKUMDC FLAG(i) equal to B'10'.

The LMDCC instruction operates only when EKUMDC FLAG(i) = B'00'. Otherwise, to load an MDC into an already occupied MDC Table location requires EKUMDC FLAG(i) to be reset to B'00'. This can be done only by issuing an EPS or EIS instruction. For reasons of security, the LMDCC instruction is architected such that the MDC Table locations EKUMDC(0) thru EKUMDC(15) cannot be changed without erasing the contents of the CKMP register. Thus, a certification center has the means to audit each security module to ensure that public certification keys have been loaded in conformance with an established network security policy.

The EKUMDC FLAG serves the following purposes: (a) it controls initialization of the MDC Table via the LMDCC and LMDC instructions, and (b) it controls import of public keys via the "MDC-mode" parameter of the IPUK instruction.

The ECFAR instruction can be used by CFAP to view the contents of the MDC Table and the EKUMDC FLAG field.

The LMDCC instruction executes only in the "run" state.
Load MDC (LMDC)

EQUATION:

MDC-value /128b/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

MDC-VALUE A 128 bit modification detection code to be loaded into EKUMDC(16).

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Load MDC instruction permits a 128 bit MDC to be loaded and stored in MDC Table storage location EKUMDC(16). MDC-value contains an MDC calculated on an External Key Unit (EKU) using one of several possible hashing algorithms (see the hash-rule parameter of the IPUK instruction). The EKU must contain a public key management key, a public authentication key, or a public user key (no public certification key). (The fact that EKU contains a public key management key, a public authentication key, or a public user key is verified when EKU is imported using the IPUK instruction.)

Unlike the LMDCC instruction, the LMDC instruction executes regardless of the current value of EKUMDC FLAG(16). Execution of the LMDC instruction causes MDC-value to be loaded into EKUMDC(16) and EKUMDC FLAG(16) to be set equal to B'10'.

The EKUMDC FLAG serves the following purposes: (a) it controls initialization of the MDC Table via the LMDCC and LMDC instructions, and (b) it controls import of public keys via the "MDC-mode" parameter of the IPUK instruction.

The ECFAR instruction can be used by CFAP to view the contents of the MDC Table and the EKUMDC FLAG field.

The LMDC instruction executes only in the "run" state.
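The LMDCC and LMDC sections above differ in one security-relevant way: a certification-key slot can only be written once until EPS or EIS resets its flag, and that reset also invalidates the current PKA master key. The following is an added example, not code from the patent, modelling the MDC Table, the EKUMDC FLAG rules for both instructions, and the EIS reset. Assumptions: the two-bit flag values are kept as the strings "00" and "10" the text uses; CF STATE and the CKMP FLAG are plain attributes; only the parts of EIS and ERS that touch this table are modelled.

```python
MDC_BYTES = 16  # 128 bit modification detection code

class MdcTable:
    """EKUMDC(0..15) hold MDCs of public certification keys; EKUMDC(16) holds any other EKU's MDC."""
    def __init__(self):
        self.ekumdc = [None] * 17
        self.ekumdc_flag = ["00"] * 17     # "00" = empty slot, "10" = MDC loaded
        self.cf_state = "run"
        self.ckmp_flag = "full"            # a current PKA master key is loaded

    def lmdcc(self, index_value: int, mdc_value: bytes) -> str:
        """Load MDC For Public Certification Key: only into an empty slot 0..15."""
        if self.cf_state != "run":
            return "CC=fail: LMDCC executes only in the run state"
        if not 0 <= index_value <= 15 or len(mdc_value) != MDC_BYTES:
            return "CC=fail: bad index-value or MDC length"
        if self.ekumdc_flag[index_value] != "00":
            return "CC=fail: EKUMDC FLAG(%d) is not B'00'; reset requires EPS or EIS" % index_value
        self.ekumdc[index_value] = mdc_value
        self.ekumdc_flag[index_value] = "10"
        return "CC=ok"

    def lmdc(self, mdc_value: bytes) -> str:
        """Load MDC: slot 16, executes regardless of EKUMDC FLAG(16)."""
        if self.cf_state != "run":
            return "CC=fail: LMDC executes only in the run state"
        if len(mdc_value) != MDC_BYTES:
            return "CC=fail: bad MDC length"
        self.ekumdc[16] = mdc_value
        self.ekumdc_flag[16] = "10"
        return "CC=ok"

    def eis(self) -> None:
        """Enter Init State: the EKUMDC FLAG field and the KMP flags are reset together."""
        self.ekumdc_flag = ["00"] * 17   # every loaded MDC is now invalid
        self.ckmp_flag = "empty"         # the current KMP is invalidated at the same time
        self.cf_state = "init"

    def ers(self) -> None:
        """Enter Run State, valid only from the init state."""
        if self.cf_state == "init":
            self.cf_state = "run"

def audit_slots(table: MdcTable) -> list:
    """What an auditor sees via ECFAR: the certification-key slots whose flag is B'10'."""
    return [i for i in range(16) if table.ekumdc_flag[i] == "10"]
```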

Initialize Pseudorandom Number Generator (IPRNG)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Initialize Pseudorandom Number Generator instruction initializes the pseudorandom number generator using the method specified in the Initialize Pseudo-Random Number algorithm (Initialize Pseudo-random Number). The Initialize Pseudo-random Number algorithm reads the current values stored in the PRNGKEY1, PRNGKEY2, and PRNGCTR1 registers and calculates two new key values which are then stored back into the PRNGKEY1 and PRNGKEY2 registers.

The IPRNG instruction executes in the "preinit", "init", and "run" states.

CF CONFIGURATION

Load Configuration Vector (LCV)

EQUATION:

config-vector /512b/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

CONFIG-VECTOR A configuration vector.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Load Configuration Vector instruction permits a 64 byte configuration vector to be loaded and stored within the CF Environment. Execution of the LCV instruction causes the LCV FLAG to be set to the "full" state. The LCV instruction executes only when the LCV FLAG is in the "empty" state. The LCV FLAG can only be reset to the "empty" state via execution of an EPS or EIS instruction. In effect, the LCV FLAG controls LCV execution as follows: (a) if the LCV FLAG = "empty" state, then LCV instruction execution is enabled for one execution only, whereas (b) if the LCV FLAG = "full" state, then LCV instruction execution is disabled.

Execution of the EIS instruction causes a configuration vector in the CF Environment to be initialized/reinitialized to a "default" value. This value can be changed by executing an LCV instruction.

For reasons of security, the LCV instruction is architected such that the configuration vector value stored in the CF Environment cannot be changed without erasing or invalidating the contents of the CKMP buffer.

The LCV instruction executes only in the "init" state.

FUNCTIONAL SPECIFICATION:

1. Perform configuration vector and state vector checking:

a. Verify that CF STATE in the state vector is in the "init" state.

b. Verify that LCV FLAG in the state vector is in the "empty" state.

Continue if checking succeeds; otherwise set CC status flag and jump to step 5.

2. Perform consistency checking on config-vector:

a. Verify Version Number = X'01'.

b. Verify KM RELOAD = B'0'.

c. Verify DEFINE(EPS) = B'1' or DEFINE(EIS) = B'1' (i.e., either EPS or EIS or both are defined to prevent CF-reinitialization lockout).

d. For i = 0 to 71, do the following: 1) Verify DEFINE(i) = B'1'. 2) Verify AUTH CONTROL(i) = B'0'.

e. For i = 72 to start-inst-index minus 1, do the following: 1) Verify DEFINE(i) = B'0'. 2) Verify AUTH CONTROL(i) = B'0'.

Continue if checking succeeds; otherwise set CC status flag and jump to step 5.

3. Load the value of config-vector into the configuration vector.

4. Perform state vector update:

a. Set LCV FLAG to the "full" state.

b. For i = start-inst-index to 143, process AUTH CONTROL as follows:

1) If AUTH CONTROL(i) = B'0', then set AUTH(i) := B'0' and ENABLE(i) := B'00'.

2) If AUTH CONTROL(i) = B'1', then set AUTH(i) := B'1' and ENABLE(i) := B'11'.

5. Produce output CC from CC status flags.

CONTROL VECTOR CHECKING:

None.
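The LCV functional specification above is a complete checking procedure, so the following added example (not code from the patent) carries steps 1 through 5 through in Python. Assumptions: the configuration and state vectors are modelled as dicts and lists rather than the 512 bit encoding; the EPS and EIS instruction indices are taken from the inst-index table later on this page (113 and 115); a single CC string stands in for the CC status flags; the sample vectors are constructed here.

```python
EPS_INDEX, EIS_INDEX = 113, 115   # from the inst-index table on this page
LAST_INDEX = 143

def make_config_vector(start_inst_index: int, auth_control_on=()) -> dict:
    """Constructed sample config vector that satisfies the step-2 rules by default."""
    define = ([1] * 72 + [0] * (start_inst_index - 72)
              + [1] * (LAST_INDEX + 1 - start_inst_index))
    auth_control = [0] * (LAST_INDEX + 1)
    for i in auth_control_on:          # instructions that must be authorized before use
        auth_control[i] = 1
    return {"VERSION": 0x01, "KM_RELOAD": 0, "DEFINE": define,
            "AUTH_CONTROL": auth_control, "START_INST_INDEX": start_inst_index}

def make_state_vector(cf_state="init", lcv_flag="empty") -> dict:
    return {"CF_STATE": cf_state, "LCV_FLAG": lcv_flag, "CONFIG": None,
            "AUTH": [0] * (LAST_INDEX + 1), "ENABLE": ["00"] * (LAST_INDEX + 1)}

def lcv(config_vector: dict, state: dict) -> str:
    """Load Configuration Vector; returns the condition code as a string."""
    # Step 1: configuration vector and state vector checking.
    if state["CF_STATE"] != "init":
        return "CC=fail: CF STATE is not init"
    if state["LCV_FLAG"] != "empty":
        return "CC=fail: LCV FLAG is not empty (a config vector is already loaded)"
    # Step 2: consistency checking on config-vector.
    cv = config_vector
    start = cv["START_INST_INDEX"]
    if cv["VERSION"] != 0x01:
        return "CC=fail: Version Number != X'01'"
    if cv["KM_RELOAD"] != 0:
        return "CC=fail: KM RELOAD != B'0'"
    if not (cv["DEFINE"][EPS_INDEX] == 1 or cv["DEFINE"][EIS_INDEX] == 1):
        return "CC=fail: neither EPS nor EIS defined (CF-reinitialization lockout)"
    for i in range(0, 72):
        if cv["DEFINE"][i] != 1 or cv["AUTH_CONTROL"][i] != 0:
            return "CC=fail: DEFINE/AUTH CONTROL wrong at index %d" % i
    for i in range(72, start):
        if cv["DEFINE"][i] != 0 or cv["AUTH_CONTROL"][i] != 0:
            return "CC=fail: DEFINE/AUTH CONTROL wrong at index %d" % i
    # Step 3: load the configuration vector.
    state["CONFIG"] = dict(cv)
    # Step 4: state vector update; AUTH CONTROL fixes the initial AUTH and ENABLE values.
    state["LCV_FLAG"] = "full"
    for i in range(start, LAST_INDEX + 1):
        if cv["AUTH_CONTROL"][i] == 0:
            state["AUTH"][i], state["ENABLE"][i] = 0, "00"   # enabled, no authorization
        else:
            state["AUTH"][i], state["ENABLE"][i] = 1, "11"   # disabled until authorized
    # Step 5: produce CC.
    return "CC=ok"
```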

Export Crypto Facility Audit Record (ECFAR)

EQUATION:

process-mode /2b minimum/
PUA-key /1b minimum/
product-component /1b minimum/
<hash-rule> /3b minimum/ ; if process-mode = (1 or 2)
<IKU1-length> /16b/ ; if process-mode = 2
<IKU1> /unspecified/ ; if process-mode = 2
<RN> /64b/ ; if process-mode = (1 or 2)
-->
cfar-length /16b/
cfar /unspecified/
<dsig1-length> /16b/ ; if process-mode = (1 or 2)
<dsig1> /unspecified/ ; if process-mode = (1 or 2)
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

PROCESS-MODE The process-mode parameter specifies the type of processing to be performed:

o process-mode = 0 : no digital signature is generated
o process-mode = 1 : a digital signature is generated on CFAR1 using the private authentication key PRA stored in the PRA buffer in the CF.
o process-mode = 2 : a digital signature is generated on CFAR1 using the private key PR specified in IKU1.
o process-mode = 3 : reserved

PUA-KEY The PUA-key parameter indicates whether the cfar should contain cfpkr1, which contains the PUA key:

o PUA-key=0 : no
o PUA-key=1 : yes

PRODUCT-COMPONENT The product-component parameter indicates whether the cfar should contain the Nonsecret Product Environment:

o product-component=0 : no
o product-component=1 : yes

HASH-RULE Specifies the hash algorithm to be used to calculate a hash value on cfar. The encoding of the hash-rule is as follows:

o hash-rule = 0 : MDC-2 algorithm
o hash-rule = 1 : MDC-4 algorithm
o hash-rule = 2 : MD4 algorithm
o hash-rule = 3 : quadratic residue
o hash-rule = 4-7 : reserved

This parameter is required only when process-mode=1 or process-mode=2.

IKU1-LENGTH The length of IKU1 in bytes. This parameter is required only when process-mode=2.

IKU1 An Internal Key Unit containing a private key PR. This parameter is required only when process-mode=2. The value of EID in SCB1 must equal the value in the EID register. The values of Tstart and Texp in SCB1 must satisfy the relationship Tstart < DT < Texp, where DT is the current date and time expressed in Coordinated Universal Time.

RN A CFAP-supplied time-variant parameter to be stored in CFAR1. This parameter is required only when process-mode=1 or process-mode=2.

OUTPUTS DESCRIPTION

CFAR-LENGTH The length of cfar in bytes.

CFAR A Crypto Facility Audit Record.

DSIG1-LENGTH The length of dsig1 in bits. This parameter is required only when process-mode=1 or process-mode=2.

DSIG1 A digital signature produced from a CF System Signature Record (CFSSR) and a private key PR, in accordance with section 6 of ISO DIS 9796. The CFSSR contains a 128-bit hash value calculated on cfar. This parameter is required only when process-mode=1 or process-mode=2.

CC Condition code indicating success or failure of the instruction execution.



DESCRIPTION:

The Export Crypto Facility Audit Record instruction constructs a Crypto Facility Audit Record (CFAR) and returns it to the CFAP. The CFAR contains (1) a copy of the nonsecret part of the CF Environment, (2) a date and time (DT) supplied by the CF, and (3) for process-mode = 1 and process-mode = 2 a CFAP-supplied time-variant value RN. RN can be a random number, sequence number, or time stamp, which may be used by a designated receiving device to ensure that a produced CFAR is current.

A process-mode parameter specifies to the instruction whether a digital signature is generated on the CFAR and, if so, then whether the private key is (1) PRA or (2) a PR supplied to the ECFAR instruction. A hash-rule parameter indicates to the ECFAR instruction the hash algorithm to be used in generating the digital signature.

Process-mode = 1 can only be executed when the GDAK FLAG is in the "full" state. Process-mode = 2 can only be executed when the CKMP FLAG is in the "full" state.

The Export Crypto Facility Audit Record instruction executes in the "preinit", "init", and "run" states.

CF CONTROL

Enter Preinit State (EPS)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Enter Preinit State instruction resets the CF STATE to the "preinit" state; it resets the configuration and state vectors to zero; it resets the POS register to value X'0123456789ABCDEF0123456789ABCDEF'; and it executes algorithm Initialize Pseudo-random Number to (further) initialize the pseudorandom number generator. The Enter Preinit State instruction DOES NOT erase or zeroize the PRNGCTR1, PRNGCTR2, PRNGKEY1, and PRNGKEY2 registers, which are the registers used by the Initialize Pseudo-random Number algorithm.

Enter Init State (EIS)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Enter Init State instruction loads a "default" configuration vector into the CF environment and resets certain flags in the state vector to change the state of the CF and to clear certain registers and buffers. (See "Configuration Vector" on page 32 for a description of the default configuration vector.) More particularly, the Enter Init State instruction causes the flags controlling the old, current, and new KMP registers to be reset to the "empty" state, thereby causing these keys to be invalid. It causes the EKUMDC FLAG field to be reset to zero, thereby invalidating any MDCs currently loaded in the MDC Table. It causes the LCV FLAG to be reset to the "empty" state, thereby enabling execution of the LCV instruction. It causes the CF STATE to be reset to the "init" state.

The Enter Init State instruction does not reset flags associated with the master key KM.

The EIS instruction can be executed in the "preinit", "init", and "run" states.



Enter Run State (ERS)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Enter Run State instruction causes the CF STATE flag to be set to the "run" state.

The ERS instruction executes only in the "init" state.

Clear New PKA Master Key Register (CLNPMK)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Clear New PKA Master Key Register instruction causes the NKMP flag in the state vector to be reset to the "empty" state.

The Clear New PKA Master Key Register instruction executes only in the "run" state.

Clear Old PKA Master Key Register (CLOPMK)

EQUATION:

()
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

None.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Clear Old PKA Master Key Register instruction causes the OKMP flag in the state vector to be reset to the "empty" state.

The Clear Old PKA Master Key Register instruction executes only in the "run" state.

Set Authorization Flag (SAF)

EQUATION:

inst-index /16b/
-->
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

INST-INDEX An instruction and instruction-mode index referencing AUTH(inst-index) in the AUTH field of the state vector. inst-index is a positive integer value between start-inst-index and 143, inclusive. See Configuration Table for a definition of start-inst-index and end-inst-index. See also AUTH field in the state vector.

inst-index is a value referencing the following PKCD instructions and instruction modes:

110 VADS
111 SRALM
112 IPRNG
113 EPS
114 ECFAR
115 EIS
116 SAF
117 LMDCC
118 LMDC
119 LFPMKP (input 0)
120 LFPMKP (input 1)
121 CPMKP (input 0)
122 CPMKP (input 1)
123 GNPMK
124 GNDMK
125 CLNPMK
126 CLOPMK
127 SPMK
128 GPUPR (mode 0/2)
129 GPUPR (mode 1)
130 EPUK
131 IPUK
132 IPRK (input 0)
133 IPRK (input 1)
134 RTNPMK
135 RTCPMK
136 GKSP
137 IDK
138 GADS
139 GDS
140 VDS
141 ECFER
142 ICFER
143 VIKU

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Set Authorization Flag instruction permits an AUTH flag associated with a particular instruction or instruction mode to be set to the "authorization required" state. Initially, the AUTH flag may be in the "authorization not required" or "authorization required" state.

AUTH flags are reset to the "authorization not required" state via execution of an EPS or EIS instruction.

The Set Authorization Flag instruction executes in the "init" and "run" states.
Set Enable Flag (SEF)

EQUATION:

inst-index /16b/
flag-val /2b minimum/
<ctr> /8b/ ; if inst-index='CPMKP input-mode=0' or inst-index='CPMKP input-mode=1' or inst-index='GPUPR mode=0/2'
<r> /16b/
<V> /unspecified/
-->
CC /unspecified/

PARAMETER DEFINITIONS:
INPUTS DESCRIPTION

INST-INDEX An instruction and instruction-mode index referencing ENABLE(inst-index) in the ENABLE field of the state vector. inst-index is a positive integer value between start-inst-index and 143, inclusive. See Configuration Table for a definition of start-inst-index and 143. See also ENABLE field in the state vector.

inst-index is a value referencing the PKCD instructions and instruction modes, as follows:

110 VADS
111 SRALM
112 IPRNG
113 EPS
114 ECFAR
115 EIS
116 SAF
117 LMDCC
118 LMDC
119 LFPMKP (input 0)
120 LFPMKP (input 1)
121 CPMKP (input 0)
122 CPMKP (input 1)
123 GNPMK
124 GNDMK
125 CLNPMK
126 CLOPMK
127 SPMK
128 GPUPR (mode 0/2)
129 GPUPR (mode 1)
130 EPUK
131 IPUK
132 IPRK (input 0)
133 IPRK (input 1)
134 RTNPMK
135 RTCPMK
136 GKSP
137 IDK
138 GADS
139 GDS
140 VDS
141 ECFER
142 ICFER
143 VIKU

FLAG-VAL A parameter specifying the ENABLE(inst-index) value, as follows:

o 0 : enabled for any number of executions.
o 1 : enabled for 1 execution only.
o 2 : enabled for n (n = 1 thru 255) executions, where n is specified in input parameter ctr.
o 3 : not enabled

The permitted values of flag-val for each 
instruction and instruction mode are listed 
below (see also the ENABLE field in the 
state vector for a description of ENABLE (inst- 
index) values which are valid and invalid). 



(y = flag-val permitted for that instruction or instruction mode)

index  instruction         0  1  2  3
108    reserved            -  -  -  -
109    reserved            -  -  -  -
110    VADS                y  -  -  y
111    SRALM               y  -  -  y
112    IPRNG               y  -  -  y
113    EPS                 y  -  -  y
114    ECFAR               y  -  -  y
115    EIS                 y  -  -  y
116    SAF                 y  -  -  y
117    LMDCC               y  y  -  y
118    LMDC                y  y  -  y
119    LFPMKP (input 0)    y  y  -  y
120    LFPMKP (input 1)    y  y  -  y
121    CPMKP (input 0)     y  -  y  y
122    CPMKP (input 1)     y  -  y  y
123    GNPMK               y  -  -  y
124    GNDMK               y  -  -  y
125    CLNPMK              y  -  -  y
126    CLOPMK              y  -  -  y
127    SPMK                y  y  -  y
128    GPUPR (mode 0/2)    y  -  y  y
129    GPUPR (mode 1)      y  -  -  y
130    EPUK                y  -  -  y
131    IPUK                y  -  -  y
132    IPRK (input 0)      y  -  -  y
133    IPRK (input 1)      y  -  -  y
134    RTNPMK              y  -  -  y
135    RTCPMK              y  -  -  y
136    GKSP                y  -  -  y
137    IDK                 y  -  -  y
138    GADS                y  -  -  y
139    GDS                 y  -  -  y
140    VDS                 y  -  -  y
141    ECFER               y  y  -  y
142    ICFER               y  y  -  y
143    VIKU                y  y  -  y
CTR A counter specifying a number (1 thru 255) of permitted executions of the instruction or instruction-mode specified by inst-index. This parameter is required only when inst-index='CPMKP input-mode=0' or inst-index='CPMKP input-mode=1' or inst-index='GPUPR mode=0/2'.

R The length of V in bytes. This parameter is required only when V is present.

V A parameter containing proof of authorization. The specification of what V contains, the format of V, and the processing performed on V is not defined by the PKCD. This is an implementation choice. This parameter is optional and is needed only when required by the implementation.

OUTPUTS DESCRIPTION

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Set Enable Flag instruction permits an ENABLE flag associated with a particular instruction or instruction mode to be set to one of its permitted ENABLE flag values. The possible ENABLE flag values are (1) enabled, (2) enabled for 1 execution, (3) enabled for n executions, where n is a number from 1 to 255, and (4) disabled.

The ENABLE flag values supported by each instruction vary. See the definition of the flag-val parameter. The SEF instruction has no associated DEFINE, AUTH CONTROL, AUTH, and ENABLE flags to control SEF instruction execution.

The SEF instruction executes in the "init" and "run" states.
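The SEF section above defines which flag-val values each instruction accepts and what the counter in ctr means. The following is an added example, not code from the patent, that enforces those rules and shows how a set ENABLE value gates later executions. Assumptions: the ENABLE encoding is the two-bit one used in the LCV specification (B'00' enabled, B'01' one execution, B'10' n executions with a counter, B'11' not enabled); a used-up single execution or an exhausted counter falls back to B'11', which the page does not state; the permitted-value sets are as read from the flag-val table above (flag-val 2 only for CPMKP and GPUPR mode 0/2, flag-val 1 for LMDCC, LMDC, LFPMKP, SPMK, ECFER, ICFER and VIKU, 0 and 3 everywhere); start-inst-index is taken as 110, the first index in the list.

```python
# Instruction indices from the inst-index list, grouped by the flag-val values they accept.
COUNTER_CAPABLE = {121: "CPMKP (input 0)", 122: "CPMKP (input 1)", 128: "GPUPR (mode 0/2)"}
SINGLE_SHOT_CAPABLE = {117: "LMDCC", 118: "LMDC", 119: "LFPMKP (input 0)",
                       120: "LFPMKP (input 1)", 127: "SPMK", 141: "ECFER",
                       142: "ICFER", 143: "VIKU"}
START_INST_INDEX, LAST_INDEX = 110, 143   # assumed start-inst-index

def permitted_flag_vals(inst_index: int) -> set:
    """Permitted flag-val values for an instruction or instruction mode (read from the table above)."""
    if inst_index in COUNTER_CAPABLE:
        return {0, 2, 3}
    if inst_index in SINGLE_SHOT_CAPABLE:
        return {0, 1, 3}
    return {0, 3}

class EnableField:
    """ENABLE(inst-index) values plus the execution counter behind B'10'."""
    def __init__(self):
        self.enable = {i: "00" for i in range(START_INST_INDEX, LAST_INDEX + 1)}
        self.counter = {}

    def sef(self, inst_index: int, flag_val: int, ctr: int = None) -> str:
        """Set Enable Flag; returns the condition code as a string."""
        if not START_INST_INDEX <= inst_index <= LAST_INDEX:
            return "CC=fail: inst-index out of range"
        if flag_val not in permitted_flag_vals(inst_index):
            return "CC=fail: flag-val %d not permitted for index %d" % (flag_val, inst_index)
        if flag_val == 2:
            if ctr is None or not 1 <= ctr <= 255:
                return "CC=fail: ctr must be 1 thru 255"
            self.counter[inst_index] = ctr
        self.enable[inst_index] = format(flag_val, "02b")   # 0->'00' ... 3->'11'
        return "CC=ok"

    def may_execute(self, inst_index: int) -> bool:
        """Consume one permitted execution of inst_index, if any remain."""
        flag = self.enable[inst_index]
        if flag == "00":
            return True
        if flag == "01":
            self.enable[inst_index] = "11"   # assumed: the single execution is used up
            return True
        if flag == "10":
            self.counter[inst_index] -= 1
            if self.counter[inst_index] == 0:
                self.enable[inst_index] = "11"   # assumed: counter exhausted
            return True
        return False                             # B'11': not enabled
```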

CKDS UPDATE

Reencipher To New PKA Master Key (RTNPMK)

EQUATION:

IKU1-length /16b/
IKU1 /unspecified/
-->
IKU2 /unspecified/
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

IKU1-LENGTH The length of IKU1 in bytes.

IKU1 An Internal Key Unit.

OUTPUTS DESCRIPTION

IKU2 An Internal Key Unit. The length of IKU2 in bytes is equal to IKU1-length.

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Reencipher To New PKA Master Key instruction reenciphers an IKU from encryption under the current PKA master key (CKMP) to encryption under a new PKA master key (NKMP). The instruction operates only if the CKMP FLAG and the NKMP FLAG are in the "full" states. Also, if CKMP has been generated via the GNPMK instruction, then the instruction operates only if NKMP has been generated via the GNPMK instruction.

The RTNPMK instruction executes only in the "run" state.



Reencipher To Current PKA Master Key (RTCPMK)

EQUATION:

IKU1-length /16b/
IKU1 /unspecified/
-->
IKU2 /unspecified/
CC /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

IKU1-LENGTH The length of IKU1 in bytes.

IKU1 An Internal Key Unit.

OUTPUTS DESCRIPTION

IKU2 An Internal Key Unit. The length of IKU2 in bytes is equal to IKU1-length.

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Reencipher To Current PKA Master Key instruction reenciphers an IKU from encryption under the old PKA master key (OKMP) to encryption under the current PKA master key (CKMP). The instruction operates only if the OKMP FLAG and the CKMP FLAG are in the "full" states.

The RTCPMK instruction executes only in the "run" state.

KEY MANAGEMENT

Generate Public and Private Key Pair (GPUPR)

EQUATION:

gen-mode /2b minimum/
<codeword> /128b/ ; if gen-mode=1
SKU1-length /16b/
SKU1 /unspecified/
SKU2-length /16b/
SKU2 /unspecified/
-->
IKU1-length /16b/
IKU1 /unspecified/
<IKU2-length> /16b/ ; if gen-mode=0 or gen-mode=1
<IKU2> /unspecified/ ; if gen-mode=0 or gen-mode=1
<EKU2-length> /16b/ ; if gen-mode=2
<EKU2> /unspecified/ ; if gen-mode=2
CC /unspecified/

PARAMETER DEFINITIONS:



INPUTS DESCRIPTION

GEN-MODE The gen-mode parameter specifies the generation mode of the GPUPR instruction.

o gen-mode=0 : PU and PR are randomly generated. The generated (PU,PR) are a (PUC,PRC), (PUM,PRM), or (PUU,PRU). PU and PR are output as IKU1 and IKU2, respectively.

o gen-mode=1 : PU and PR are generated from cod Ceword, such that whenever the same codeword is specified to the GPUPR instruction the same (PU,PR) pair is generated. The generated (PU,PR) is a (PUU,PRU). PU and PR are output as IKU1 and IKU2, respectively.

o gen-mode=2 : PU and PR are randomly generated. The generated (PU,PR) is a (PUU,PRU). PU and PR are output as IKU1 and EKU1, respectively.

CODEWORD A value used by the key generator to derive PU and PR.

SKU1-LENGTH The length of SKU1 in bytes.

SKU1 A Skeleton Key Unit for to-be-generated PU.

SKU2-LENGTH The length of SKU2 in bytes.

SKU2 A Skeleton Key Unit for to-be-generated PR.

OUTPUTS DESCRIPTION

IKU1-LENGTH The length of IKU1 in bytes.

IKU1 An Internal Key Unit containing generated PU. The value of EID in SCB1 must equal the value in the EID register. The value of Texp in SCB1 must satisfy the relationship DT < Texp, where DT is the current date and time expressed in Coordinated Universal Time.

IKU2-LENGTH The length of IKU2 in bytes. This parameter is required only when gen-mode=0 or gen-mode=1.

IKU2 An Internal Key Unit containing generated PR. This parameter is required only when gen-mode=0 or gen-mode=1. The value of EID in SCB2 must equal the value in SCB1. The values of Tstart and Texp in SCB2 must equal the values of Tstart and Texp in SCB1.

EKU2-LENGTH The length of EKU2 in bytes. This parameter is required only when gen-mode=2.

EKU2 An External Key Unit containing generated PR. This parameter is required only when gen-mode=2.

CC Condition code indicating success or failure of the instruction execution.



DESCRIPTION: 

The Generate Public and Private Key Pair instruction generates a public and private key pair, PU and
PR, and stores each key in an Internal Key Unit (IKU) or External Key Unit (EKU) depending on the value of a
gen-mode parameter supplied to the Generate Public and Private Key Pair instruction.

For gen-mode = 0, the generated keys can be a (PUC,PRC), (PUM,PRM), or (PUU,PRU) key pair.
However, to generate a (PUC,PRC) pair, the device must be configured as a certification center (i.e.,
CERTIFICATION = B'1' must be specified in the configuration vector). Both PU and PR are output as
Internal Key Units.

For gen-mode = 1, the generated keys can be a (PUU,PRU) key pair only. In this case, the keys are
generated from a 128 bit code word supplied to the Generate Public and Private Key Pair instruction. Both
PUU and PRU are output as Internal Key Units.

For gen-mode = 2, the generated keys can be a (PUU,PRU) key pair only. PUU is output as an Internal
Key Unit and PRU is output as an External Key Unit (i.e., PRU is output in clear form).

The attributes of the to-be-generated keys, PU and PR, are specified in Skeleton Key Units, SKU1 and
SKU2, respectively. Consistency checking is performed on the control blocks and control vectors in SKU1
and SKU2, prior to generating PU and PR. Control Vector fields such as ALGORITHM, ALGORITHM
EXTENSION, LENGTH, and DOMAIN ID must be the same for both PU and PR. The EID field in SCB1 of SKU1
and the EID field in SCB2 of SKU2 must be equal to the value stored in the EID register of the CF (i.e., the
EID value originally set using an LPID instruction).
The control vector fields ALGORITHM, ALGORITHM EXTENSION, and LENGTH specify to the
cryptographic facility the public key algorithm and other key generation information sufficient to permit
(PU,PR) to be generated.

The Generate Public and Private Key Pair instruction executes only in the "run" state.

FUNCTIONAL SPECIFICATION:

1. Perform input parameter consistency checking:

a. Verify gen-mode has value 0, 1, or 2.

b. Verify that SKU1 is consistent to definition of an SKU.
c. Verify that SKU2 is consistent to definition of an SKU.

Continue if checking succeeds; otherwise set CC status flag and jump to step 9.

2. Perform configuration vector and state vector checking:

a. Verify that CF STATE in state vector is in the "run" state.

b. Verify that KMP-FLAG(CKMP) in state vector is in the "full" state.
c. If gen-mode = 0 or gen-mode = 2, then do:

1) Verify that DEFINE(GPUPR mode = 0/2) in config. vector = B'1'.

2) Verify that ENABLE(GPUPR mode = 0/2) in state vector = B'00' or B'10'.
d. If gen-mode = 1 then do:

1) Verify that DEFINE(GPUPR mode = 1) in config. vector = B'1'.
2) Verify that ENABLE(GPUPR mode = 1) in state vector = B'00'.

Continue if checking succeeds; otherwise set CC status flag and jump to step 9.

3. Perform control block and control vector checking. Continue if checking succeeds; otherwise set CC
status flag and jump to step 9.

4. Generate Keys:

a. If gen-mode = 0 or gen-mode = 2, then perform PKA Key Generation to generate a pair of public
and private cryptographic facility PKA records cfpkr1 and cfpkr2, respectively. The lengths of cfpkr1
and cfpkr2 are s1 and s2, respectively, where s1 and s2 are pre-selected values that indicate the
number of 8 byte blocks.

b. If gen-mode = 1, then perform PKA Key Generation, with code-word supplied as an input, to
regenerate a pair of public and private cryptographic facility PKA records cfpkr1 and cfpkr2, respectively.
The lengths of cfpkr1 and cfpkr2 are s1 and s2, respectively, where s1 and s2 are pre-selected
values that indicate the number of 8 byte blocks.

5. Prepare outputs IKU1-length and IKU1:

a. Construct a key authenticator record cfkar1 from the key record cfpkr1, using the method specified
in Key Record Encrypt Algorithm 12.

b. Construct a clear key unit CKU1 from SKU1, cfpkr1, and cfkar1.

c. Set CKMP := value of KMP stored in the CKMP register.

d. Perform Encipher Clear Key Unit on CKU1 to obtain an internal key unit IKU1, using CKMP as the
master key KMP.

6. Prepare outputs IKU2-length and IKU2, if gen-mode = 0 or gen-mode = 1:

a. Construct a key authenticator record cfkar2 from the key record cfpkr2, using the method specified
in Key Record Encrypt Algorithm 12.

b. Construct a clear key unit CKU2 from SKU2, cfpkr2, and cfkar2.

c. Perform Encipher Clear Key Unit on CKU2 to obtain an internal key unit IKU2, using CKMP as the
master key KMP.

7. Prepare outputs EKU2-length and EKU2, if gen-mode = 2:

a. Construct an external key unit EKU2 from SKU2 and cfpkr2.

8. Perform state vector update:

a. If (gen-mode = 0 and ENABLE(GPUPR mode = 0/2) = B'10') or (gen-mode = 2 and ENABLE(GPUPR
mode = 0/2) = B'10'), then do:

1) Decrement COUNTER(GPUPR mode = 0/2) in Counter Table by 1.

2) If COUNTER(GPUPR mode = 0/2) = 0, then reset ENABLE(GPUPR mode = 0/2) := B'11' (i.e.,
reset the ENABLE Flag to the "disabled" state).

9. Produce output CC from CC status flags.
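The following is an added illustration of steps 2 and 8 above, not code from the patent: the configuration vector and state vector gate for GPUPR, including the counted ENABLE flag (B'10') that is charged once per successful key generation and drops to the disabled state (B'11') when its counter reaches zero. The page gives the flag encodings; the dict layout of the vectors, the field names and the condition-code values are this example's own assumptions.

```python
"""Added example (not the patent's code): the GPUPR configuration/state
vector gate of steps 2 and 8, with the counted ENABLE flag.

Encodings from the page: ENABLE = B'00' (enabled), B'10' (enabled while
COUNTER > 0), B'11' (disabled); DEFINE = B'1' when the mode is defined.
The dict layout, field names and CC values are assumptions of this example."""

ENABLE_ON = 0b00        # unlimited use
ENABLE_COUNTED = 0b10   # use permitted while COUNTER > 0
ENABLE_OFF = 0b11       # disabled

CC_OK = 0
CC_CONFIG_FAIL = 1      # assumed condition-code values
CC_STATE_FAIL = 2


def gpupr_gate(gen_mode, config, state):
    """Steps 2 and 8 of GPUPR: check the gate for this gen-mode, then charge
    the counter when the mode is enabled-with-counter.  Returns the CC; the
    state dict is updated in place only on success."""
    if gen_mode not in (0, 1, 2):
        return CC_CONFIG_FAIL
    if state["CF_STATE"] != "run" or state["KMP_FLAG"] != "full":
        return CC_STATE_FAIL
    mode = "0/2" if gen_mode in (0, 2) else "1"
    if config["DEFINE"][mode] != 1:
        return CC_CONFIG_FAIL
    enable = state["ENABLE"][mode]
    # mode 0/2 accepts B'00' or B'10'; mode 1 accepts B'00' only
    allowed = (ENABLE_ON, ENABLE_COUNTED) if mode == "0/2" else (ENABLE_ON,)
    if enable not in allowed:
        return CC_STATE_FAIL
    # ... key generation and output preparation (steps 3 to 7) go here ...
    # Step 8: a counted enable is charged once per successful generation and
    # flips to disabled when the counter reaches zero.
    if mode == "0/2" and enable == ENABLE_COUNTED:
        state["COUNTER"][mode] -= 1
        if state["COUNTER"][mode] == 0:
            state["ENABLE"][mode] = ENABLE_OFF
    return CC_OK


def demo_counted_enable(budget=2):
    """Constructed scenario: mode 0/2 is allowed `budget` more generations,
    mode 1 is permanently enabled.  Returns the CCs seen and the final
    ENABLE value of mode 0/2."""
    config = {"DEFINE": {"0/2": 1, "1": 1}}
    state = {"CF_STATE": "run", "KMP_FLAG": "full",
             "ENABLE": {"0/2": ENABLE_COUNTED, "1": ENABLE_ON},
             "COUNTER": {"0/2": budget}}
    seen = [gpupr_gate(0, config, state) for _ in range(budget + 1)]
    seen.append(gpupr_gate(1, config, state))   # mode 1 is unaffected
    return seen, state["ENABLE"]["0/2"]
```

With a budget of two, the third gen-mode 0 request is refused with the state-vector failure code while gen-mode 1 still succeeds, which is the behaviour the counter table is there to enforce.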

CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control block and control vector checking:

1. Extract SCB1 and C1 from SKU1:

a. Extract the system control block SCB1 from SKU1.

b. Extract control vector C1 from SCB1.

2. Extract SCB2 and C2 from SKU2:

a. Extract the system control block SCB2 from SKU2.

b. Extract control vector C2 from SCB2.

3. Checking on C1 (associated with public key):

a. If gen-mode = 0, then verify CV TYPE in C1 = 'public certification key' or 'public key management
key' or 'public user key'
b. If gen-mode = 1 or gen-mode = 2, then verify CV TYPE in C1 = 'public user key'

c. Verify RTNPMK/RTCPMK in C1 = B'1' (i.e., 'enabled')

d. Verify HIST-IPUK in C1 = B'0' (i.e., 'not imported')

4. Checking on C2 (associated with private key):

a. If CV TYPE in C2 = 'PRU', then verify HIST-IPRK in C2 = B'0' (i.e., not imported via IPRK
instruction)

b. Verify RTNPMK/RTCPMK in C2 = B'1' (i.e., 'enabled')

5. Checking on C1 and C2 (i.e., for a PUC/PRC, PUM/PRM, or PUU/PRU):

a. Verify (CV TYPE in C1) XOR B'0001000' = (CV TYPE in C2)

b. Verify (ALGORITHM in C1) = (ALGORITHM in C2)

c. Verify (ALGORITHM EXTENSION in C1) = (ALGORITHM EXTENSION in C2)

d. Verify (LENGTH in C1) = (LENGTH in C2)

e. Verify (DOMAIN ID in C1) = (DOMAIN ID in C2)

f. Verify (PR USAGE in C1) = (PR USAGE in C2)

g. Verify (PU USAGE in C1) = (PU USAGE in C2)
6. Checking on C1 and configuration vector:

a. If CV TYPE in C1 = 'public certification key', then verify CERTIFICATION in config. vector = B'1'
(i.e., certification center).

b. If (CV TYPE in C1 = 'public key management key') and (KREGMODE in C1 = B'GV), then verify
KREG in config. vector = B'0'.

7. Checking on C2 and configuration vector, if CV TYPE in C2 = 'private key management key':
a. Verify THRES-MDC in C2 >= FLOOR-MDC in config. vector.

8. (optional) Checking on SCB1:

a. (optional) Verify that the current date and time is less than the expiration time Texp specified in
SCB1.

b. (optional) Verify that the Environment ID stored in the EID register is the same as the Environment
ID stored in SCB1.
NOTE: Tstart, Texp, and EID are checked only when an IKU is used.

9. Checking on SCB1 and SCB2:

a. Verify that the values of Environment ID stored in SCB1 and SCB2 are the same.
b. Verify that the values of Tstart stored in SCB1 and SCB2 are the same.

c. Verify that the values of Texp stored in SCB1 and SCB2 are the same.
Continue if checking succeeds; otherwise set CC status flag and jump to step 9.
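The following is an added illustration of checking steps 3 through 6a above, not code from the patent. It applies the CV TYPE relation stated on the page (a public PKA key is B'1110xxx', a private PKA key is B'1111xxx', so the two types of one pair differ only in the bit selected by B'0001000'), the field-equality checks of step 5, and the certification-center requirement of step 6a. The encoding of the low three bits that distinguish certification, key management and user keys, the dict layout of a control vector, and the sample field values are this example's own assumptions.

```python
"""Added example (not the patent's code): GPUPR control vector checking
steps 3-6a for a (PU, PR) skeleton pair.

From the page: CV TYPE is 7 bits, B'1110xxx' for a public PKA key and
B'1111xxx' for its private twin, so (CV TYPE in C1) XOR B'0001000' must equal
(CV TYPE in C2).  The subtype bits and the control vector layout below are
assumptions of this example."""

PUBLIC_BASE = 0b1110000
PRIVATE_BASE = 0b1111000
PAIR_MASK = 0b0001000          # flips the public/private bit (step 5a)

# assumed encodings of the low 3 bits ("xxx")
SUBTYPE = {"certification": 0b000, "key management": 0b001, "user": 0b010}

PUC = PUBLIC_BASE | SUBTYPE["certification"]
PUM = PUBLIC_BASE | SUBTYPE["key management"]
PUU = PUBLIC_BASE | SUBTYPE["user"]
PRC = PRIVATE_BASE | SUBTYPE["certification"]
PRM = PRIVATE_BASE | SUBTYPE["key management"]
PRU = PRIVATE_BASE | SUBTYPE["user"]

# fields that steps 5b-5g require to be identical in C1 and C2
SHARED_FIELDS = ("ALGORITHM", "ALGORITHM_EXTENSION", "LENGTH",
                 "DOMAIN_ID", "PR_USAGE", "PU_USAGE")


def check_gpupr_pair(gen_mode, c1, c2, config):
    """Return the list of failed checks; an empty list means the pair passes."""
    failures = []
    # Step 3: the public key's control vector
    if gen_mode == 0 and c1["CV_TYPE"] not in (PUC, PUM, PUU):
        failures.append("3a: CV TYPE of C1 must be PUC, PUM or PUU")
    if gen_mode in (1, 2) and c1["CV_TYPE"] != PUU:
        failures.append("3b: CV TYPE of C1 must be PUU for gen-mode 1/2")
    if c1["RTNPMK_RTCPMK"] != 1:
        failures.append("3c: RTNPMK/RTCPMK in C1 must be enabled")
    if c1["HIST_IPUK"] != 0:
        failures.append("3d: C1 must not be marked as imported")
    # Step 4: the private key's control vector
    if c2["CV_TYPE"] == PRU and c2["HIST_IPRK"] != 0:
        failures.append("4a: PRU must not be marked as imported via IPRK")
    if c2["RTNPMK_RTCPMK"] != 1:
        failures.append("4b: RTNPMK/RTCPMK in C2 must be enabled")
    # Step 5: both vectors describe one and the same pair
    if (c1["CV_TYPE"] ^ PAIR_MASK) != c2["CV_TYPE"]:
        failures.append("5a: CV TYPE of C2 is not the private twin of C1")
    for field in SHARED_FIELDS:
        if c1[field] != c2[field]:
            failures.append(f"5b-g: {field} differs between C1 and C2")
    # Step 6a: a certification key pair needs a certification center
    if c1["CV_TYPE"] == PUC and config["CERTIFICATION"] != 1:
        failures.append("6a: PUC requires CERTIFICATION = B'1'")
    return failures


def make_cv(cv_type, **overrides):
    """Constructed sample control vector carrying the fields the checks read."""
    cv = {"CV_TYPE": cv_type, "ALGORITHM": "RSA", "ALGORITHM_EXTENSION": 0,
          "LENGTH": 512, "DOMAIN_ID": 3, "PR_USAGE": 0b1, "PU_USAGE": 0b1,
          "RTNPMK_RTCPMK": 1, "HIST_IPUK": 0, "HIST_IPRK": 0}
    cv.update(overrides)
    return cv
```

The checker reports every failed step rather than stopping at the first one, which is convenient when diagnosing a rejected skeleton pair; the instruction itself only needs the pass/fail outcome to set the CC status flag.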
Export Public Key (EPUK)

EQUATION:

PU-mode          /1b minimum/
PR-mode          /2b minimum/
<hash-rule>      /3b minimum/   ; if PR-mode=2 or PR-mode=3
<IKU1-length>    /16b/          ; if PU-mode=0
<IKU1>           /unspecified/  ; if PU-mode=0
<IKU2-length>    /16b/          ; if PR-mode=2
<IKU2>           /unspecified/  ; if PR-mode=2
C3               /128b/
-->
EKU3-length      /16b/
EKU3             /unspecified/
<dsig1-length>   /16b/          ; if PR-mode=2 or PR-mode=3
<dsig1>          /unspecified/  ; if PR-mode=2 or PR-mode=3
CC               /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

PU-MODE The PU-mode parameter specifies the source
of the public key to be exported, as follows:
o PU-mode=0 : use PU in IKU1
o PU-mode=1 : use PUA in CF

PR-MODE The PR-mode parameter specifies whether a
digital signature is generated and, if so,
then also the source of PR.
o PR-mode=0 : no
o PR-mode=1 : reserved
o PR-mode=2 : yes, use PR in IKU2
o PR-mode=3 : yes, use PRA in CF

HASH-RULE Specifies the hash algorithm to be used to
calculate a hash value on EKU3. The encoding
of the hash-rule is as follows:
o hash-rule = 0 : MDC-2 algorithm
o hash-rule = 1 : MDC-4 algorithm
o hash-rule = 2 : MD4 algorithm
o hash-rule = 3 : quadratic residue
o hash-rule = 4-7 : reserved
This parameter is required only when PR-mode=2
or PR-mode=3.

IKU1-LENGTH The length of IKU1 in bytes. This parameter
is required only when PU-mode=0.

IKU1 An Internal Key Unit containing PU. This
parameter is required only when PU-mode=0. No
checking is performed on the EID, Tstart,
and Texp fields in SCB1.

IKU2-LENGTH The length of IKU2 in bytes. This parameter
is required only when PR-mode=2.

IKU2 An Internal Key Unit containing PR. This
parameter is required only when PR-mode=2.
The value of EID in SCB2 must equal the
value in the EID register. The values of
Tstart and Texp in SCB2 must satisfy the
relationship Tstart <= DT < Texp, where DT is
the current date and time expressed in
Coordinated Universal Time.

C3 A 16 byte control vector for to-be-exported PU.

OUTPUTS DESCRIPTION

EKU3-LENGTH The length of EKU3 in bytes.

EKU3 An External Key Unit containing the exported
PU.

DSIG1-LENGTH The length of dsig1 in bits. This parameter
is required only when PR-mode=2 or PR-mode=3.

DSIG1 A digital signature produced from a CF
System Signature Record (CFSSR) and a
private key PR, in accordance with section 6
of ISO DIS 9796. The CFSSR contains a
128-bit hash value calculated on EKU3. This
parameter is required only when PR-mode=2 or
PR-mode=3.

CC Condition code indicating success or failure
of the instruction execution.

DESCRIPTION: 

The Export Public Key instruction (1) translates an Internal Key Unit containing public key PU to an
External Key Unit containing PU (PU-mode = 0) or (2) it constructs an External Key Unit for the internally
stored key PUA (PU-mode = 1).

The Export Public Key instruction has options for outputting the constructed External Key Unit (1)
without a digital signature (PR-mode = 0), (2) with a digital signature generated with a PR supplied to the
Export Public Key instruction (PR-mode = 2), or (3) with a digital signature generated with the internally
stored key PRA (PR-mode = 3). The private key PR used with PR-mode = 2 can be a PRC, PRM, or PRU
key. However, to generate a digital signature with private key PRC, the device must be configured as a
certification center (i.e., CERTIFICATION = B'1' must be specified in the configuration vector). A hash-rule
parameter indicates to the EPUK instruction the hash algorithm to be used in generating the digital
signature.

Control vectors C1, C3, and C4 are all associated with the PU to be exported. C1 is stored either in
IKU1 (PU-mode = 0) or in the PUACV register (PU-mode = 1). C4 is stored in EKU3, and C3 is an
intermediate value used by the CFAP to request changes to C1, as follows. When a PU is exported, the
CFAP is permitted, in certain cases, to change control vector fields. If no change is desired or no change is
permitted, then the CFAP sets C3 := C1, else the CFAP produces C3 by making selected changes to C1.
The control vector checking process assures that C3 is properly specified. Likewise, when a PU is exported
the CF is permitted to change certain control vector fields. If no change is needed or prescribed, then the
CF sets C4 := C3; else the CF produces C4 by making selected changes to C3.
The Export Public Key instruction executes only in the "run" state.

FUNCTIONAL SPECIFICATION:

1. Perform input parameter consistency checking:

a. Verify PR-mode has value 0, 2, or 3.

b. If PU-mode = 0, then verify that IKU1 is consistent to definition of an IKU.

c. If PR-mode = 2, then verify that IKU2 is consistent to definition of an IKU.

Continue if checking succeeds; otherwise set CC status flag and jump to step 9.

2. Perform configuration vector and state vector checking:

a. Verify that DEFINE(EPUK) in config. vector = B'1'.

b. Verify that CF STATE in state vector is in the "run" state.

c. Verify that ENABLE(EPUK) in state vector = B'00'.

d. Verify that KMP-FLAG(CKMP) in state vector is in the "full" state.

Continue if checking succeeds; otherwise set CC status flag and jump to step 9.

3. Perform control block and control vector checking. Continue if checking succeeds; otherwise set CC
status flag and jump to step 9.

4. Construct outputs EKU3-length and EKU3, if PU-mode = 0:
a. Set CKMP := value of KMP in the CKMP register.

b. Perform Recover Clear Key Unit on IKU1 to recover a clear key unit CKU1, using CKMP as the
master key KMP.

c. Construct control vector C4 from C3.

BNSDOCID:<EP 0534419A2>

EP 0 534 419 A2

d. Construct an external key unit EKU3 and its length EKU3-length, from CKU1 and C4.

5. Construct outputs EKU3-length and EKU3, if PU-mode = 1:

a. Construct control vector C4 from C3.

b. Construct SCB for an external key unit, from C4 and Environment ID.

c. Construct external key unit EKU3 and its length EKU3-length, from the key record of the PUA
stored inside the CF and from the SCB.

6. Produce outputs dsig1-length and dsig1, if PR-mode = 2:

a. Extract control vector C from IKU2.

b. Calculate a hash value on EKU3, using the hash algorithm specified by input hash-rule.

c. Construct a cryptographic facility system signature record cfssr1 from hash-rule and the calculated
hash value.

d. Calculate digital signature dsig1 on the constructed cfssr1, using the private key stored in IKU2.

7. Produce outputs dsig1-length and dsig1, if PR-mode = 3:

a. Calculate a hash value on EKU3, using the hash algorithm specified by
b. Construct a cryptographic facility system signature record from hash-rule and the calculated hash
value.

c. Calculate digital signature dsig1 on the constructed cryptographic facility system signature record,
using the private authenticator key stored inside the CF.

8. Perform state vector update: None.

9. Produce output CC from CC status flags.
CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control block and control vector checking:
1. Extract SCB1 and C1 from IKU1, if PU-mode = 0:

a. Extract the system control block SCB1 from IKU1.

b. Extract control vector C1 from SCB1.

2. Extract C1 from PUACV register, if PU-mode = 1:

a. Set C1 := 16 byte control vector in the PUACV register.
3. Extract SCB2 and C2 from IKU2, if PR-mode = 2:

a. Extract the system control block SCB2 from IKU2.

b. Extract control vector C2 from SCB2.

4. Extract C2 from PRACV register, if PR-mode = 3:

a. Set C2 := 16 byte control vector in the PRACV register.
5. Checking on C1 (associated with PU to-be-exported), if PU-mode = 0:
a. Verify CV TYPE in C1 = B'1110xxx' (i.e., a public PKA key)

6. Checking on C1 (associated with PUA to-be-exported), if PU-mode = 1: none

7. Checking on C2 (associated with PR), if PR-mode = 2:

a. Verify CV TYPE in C2 = B'1111xxx' (i.e., a private PKA key)
b. Verify EPUK usage bit = B'1' (i.e., enabled)

c. Perform Control Vector Validate on C1 to validate certain fields in C1.

8. Checking on C2 (associated with PRA), if PR-mode = 3:
a. Verify EPUK usage bit = B'1' (i.e., enabled)

9. Checking on C1 and C3:
a. Verify C3 = C1.

10. Checking on C2 and configuration vector:

a. If CV TYPE in C2 = 'private certification key', then verify CERTIFICATION in config. vector = B'1'
(i.e., certification center).

11. (optional) Checking on SCB1, if PU-mode = 0:

a. (optional) Verify that the current date and time is less than the expiration time Texp specified in
SCB1.

NOTE: Tstart, Texp, and EID are checked only when an IKU is used.

12. Checking on SCB2, if PR-mode = 2:

a. Verify that the current date and time are in the time interval (Tstart, Texp), specified in SCB2 (i.e.,
Tstart <= DT < Texp).

b. Verify that the Environment ID stored in the EID register is the same as the Environment ID stored
in SCB2.

Continue if checking succeeds; otherwise set CC status flag and jump to step 9.
Import Public key (IPUK)

EQUATION:

import-mode       /1b minimum/
<MDC-mode>        /1b minimum/   ; if import-mode=0
<MDC-index>       /5b minimum/   ; a) if import-mode=0 & MDC-mode=0
                                      & EKU1 contains a PUC key
                                   b) if import-mode=0 & MDC-mode=1
<hash-rule>       /3b minimum/   ; a) if import-mode=0 & MDC-mode=0
                                      & EKU1 contains a PUC key
                                   b) if import-mode=0 & MDC-mode=1
signature-mode    /2b minimum/
EKU1-length       /16b/
EKU1              /unspecified/
<dsig1-length>    /16b/          ; if signature-mode=0
<dsig1>           /unspecified/  ; if signature-mode=0
<IKU2-length>     /16b/          ; if import-mode=1 & signature-mode = (0, 1)
<IKU2>            /unspecified/  ; if import-mode=1 & signature-mode = (0, 1)
C3                /128b/
-->
IKU3-length       /16b/
IKU3              /unspecified/
CC                /unspecified/

PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

IMPORT-MODE Specifies the mode of public key import as
follows:
o import-mode=0 : The public key in EKU1
is imported as a root PU.
o import-mode=1 : The public key in EKU1
is imported as a successor PU.

MDC-MODE Specifies the MDC processing mode, as follows:
o MDC-mode=0 : If EKU1 contains a PUC key,
then an MDC calculated on EKU1 is loaded
into EKUMDC Table. (The EKUMDC Table
entry must be uninitialized.) Otherwise,
if EKU1 contains a PUA, PUM, or PUU key,
no MDC is loaded.
o MDC-mode=1 : MDC calculated on EKU1 is
validated against an MDC value in the
EKUMDC Table. (The EKUMDC Table entry
must be preinitialized.)
The MDC-mode parameter is required when
import-mode=0.
NOTE: The hash-rule parameter specifies
the hash algorithm to be used in calculating
an MDC on EKU1.

MDC-INDEX The MDC-index parameter specifies a number n
= 0, 1, ..., 16, where n refers to EKUMDC(n).
This parameter is required when (a) import-
mode=0, MDC-mode=0, and EKU1 contains a PUC
key, or (b) import-mode=0, MDC-mode=1. For
case (a), MDC-index must be a value 0, 1, ...,
15. For case (b), MDC-index must be a
value 0, ..., 15, when EKU1 contains a PUC
key and MDC-index must be value 16 when EKU1
contains a PUA, PUM, or PUU key.

HASH-RULE Specifies the hash algorithm to be used to
hash the External Key Unit EKU1. The
encoding of the hash-rule is as follows:
o hash-rule = 0 : MDC-2 algorithm
o hash-rule = 1 : MDC-4 algorithm
o hash-rule = 2 : MD4 algorithm
o hash-rule = 3 : quadratic residue
o hash-rule = 4-7 : reserved
This parameter is required when (a)
import-mode=0, MDC-mode=0, and EKU1 contains
a PUC key, or (b) import-mode=0, MDC-mode=1.

SIGNATURE-MODE Specifies the signature processing mode, as
follows:
o signature-mode=0 : system signature
(checked by CF)
o signature-mode=1 : application signature
(checked by CFAP)
o signature-mode=2 : no signature
Signature-mode=2 may be specified only when
import-mode=0. That is, a public key
imported with signature-mode=2 (no signature)
must be a root PU.
The following processing is indicated by
signature-mode and import-mode:
1. For signature-mode=0 and import-mode=0,
the system signature, dsig1, is verified by
the CF using the PU in EKU1.
2. For signature-mode=0 and import-mode=1,
the system signature, dsig1, is verified by
the CF using the PU in IKU2.
3. For signature-mode=1 and import-mode=0,
an application signature is verified by the
CFAP using the PU in EKU1.
4. For signature-mode=1 and import-mode=1,
an application signature is verified by the
CFAP using the PU in IKU2.

EKU1-LENGTH The length of EKU1 in bytes.

EKU1 An External Key Unit containing the to-be-
imported PU. For import-mode=0, Texp in
SCB1 must satisfy the relationship DT <
Texp, where DT is the current date and time
expressed in Coordinated Universal Time.
This is because the to-be-imported PU is
used to verify a 'weak' signature generated
on EKU1.

DSIG1-LENGTH The length of dsig1 in bits. This parameter
is required only when signature-mode=0.

DSIG1 A digital signature produced from a CF
System Signature Record (CFSSR) and a private
key PR in accordance with section 6 of ISO
DIS 9796. The CFSSR contains a 128-bit hash
value calculated on EKU1. This parameter is
required only when signature-mode=0.

IKU2-LENGTH The length of IKU2 in bytes. This parameter
is required only when import-mode=1 and
signature-mode= (0 or 1).

IKU2 An Internal Key Unit containing PU. The
values of Tstart and Texp in SCB2 must satisfy
the relationship Tstart < DT < Texp, where
DT is the current date and time expressed in
Coordinated Universal Time. This parameter
is required only when import-mode=1 and
signature-mode= (0 or 1).

C3 A 16 byte control vector for the to-be-imported
PU.

OUTPUTS DESCRIPTION

IKU3-LENGTH The length of IKU3 in bytes.

IKU3 An Internal Key Unit containing the imported
PU.

CC Condition code indicating success or failure
of the instruction execution.

DESCRIPTION: 

The Import Public key instruction translates an External Key Unit containing a public key PU to an
Internal Key Unit containing PU. The imported PU can be a PUA, PUC, PUM, or PUU. A PU imported with
import-mode = 0 is called a "root" PU in a chain; a PU imported with import-mode = 1 is called a
"successor" PU in a chain.
The External Key Unit can also have an attached digital signature (dsig1), which is validated using (1)
the PU contained in the External Key Unit to be imported (import-mode = 0) or (2) a PU contained in an
Internal Key Unit supplied to the Import Public key instruction (import-mode = 1). The PU used to validate the
attached digital signature can be a PUA, PUC, PUM, or PUU.
A signature-mode parameter indicates whether a system signature is specified to the IPUK instruction
(signature-mode = 0) or whether a system signature is not specified to the IPUK instruction (signature-
mode = 1 and signature-mode = 2). signature-mode = 1 indicates that an application signature is specified
to, and checked by, the CFAP. signature-mode = 1 causes the IPUK instruction to execute exactly the same
as signature-mode = 0, except that the step of validating the system signature is omitted. For example, when
import-mode = 1 and signature-mode = 1, history information is set in the control vector associated with IKU3
using information in the control vector associated with IKU2, even though the PU in IKU2 is not used to
validate a system signature on EKU1. The IPUK instruction assumes that the CFAP uses the PU in IKU2 to
validate an application signature on EKU1, and therefore the IPUK instruction uses IKU2 only to update
IKU3 as a service to the CFAP. Likewise, when import-mode = 0 and signature-mode = 1, the IPUK
instruction assumes that the CFAP uses the PU in EKU1 to validate an application signature on EKU1, and
therefore the IPUK instruction uses EKU1 only to update IKU3 as a service to the CFAP. On the other hand,
signature-mode = 2 indicates that no signature is specified to, and checked by, the CFAP. signature-
mode = 2 is valid only when import-mode = 0. Signature-mode = 2 can be specified only when a root PU is
imported (i.e., when import-mode = 0 is specified). When signature-mode = 2, the IPUK instruction sets the
HIST-CHAIN field = B'00' in the control vector of the imported public key (i.e., the imported PU key is
always typed as a BRONZE key).

A field in the configuration vector, designated SIG-COMPATIBILITY(IPUK), indicates whether dsig1 is
required (i.e., signified by SIG-COMPATIBILITY(IPUK) = B'0') or whether dsig1 is optional (i.e., signified by
SIG-COMPATIBILITY(IPUK) = B'1'). For example, when signature-mode = 1 or signature-mode = 2 are
specified, the IPUK instruction ensures that SIG-COMPATIBILITY(IPUK) = B'1'.

When a device is configured to specify SIG-COMPATIBILITY(IPUK) = B'0', the system signature
attached to the External Key Unit is produced at an originating device (a) via an EPUK instruction, if the
originating device is configured as an ordinary security module (i.e., INTERCHANGE field in configuration
vector is B'0') or (b) via a CDS instruction, if the originating device is specially configured as an
interchange device (i.e., INTERCHANGE field in configuration vector is B'1'). Except when the originating
device is an interchange device, the IPUK instruction executed at the receiving device ensures that an
imported PUA key with HIST-CHAIN = 3 must have originated with the same device as the PUM key used to
validate the digital signature on that imported PUA key.

For import-mode = 0, an MDC-mode parameter additionally specifies whether the imported External Key
Unit is validated against an MDC value in the MDC Table stored in the CF Environment. MDCs stored in the
MDC Table may be calculated using either the MDC-2 or MDC-4 hash algorithm. An MDC-index parameter
specifies which entry in the MDC Table is used for validating the imported EKU. If EKU contains a PUC
key, then MDC-index must have a value from 0 to 15, inclusive. If EKU contains a PUA, PUM, or PUU key,
then MDC-index must have a value of 16. However, if import-mode = 0, MDC-mode = 0, and EKU contains a
PUC key, then the IPUK instruction performs as follows: (1) MDC-index is set equal to the value of DOMAIN
ID in the PUC control vector, (2) it is verified that EKUMDC FLAG(MDC-index) = B'00', (3) an MDC is
calculated on EKU and stored in EKUMDC(MDC-index), and (4) EKUMDC FLAG(MDC-index) is set equal to
B'01'. The IPUK processing rules ensure that one and only one PUC key can be imported for each domain
(DOMAIN ID).

Control vectors C1, C3, and C4 are all associated with the PU to be imported. C1 is stored in EKU1, C4
is stored in IKU3, and C3 is an intermediate value used by the CFAP to request changes to C1, as follows.
When a PU is imported, the CFAP is permitted, in certain cases, to change control vector fields. If no
change is desired or no change is permitted, then the CFAP sets C3 := C1, else the CFAP produces C3 by
making selected changes to C1. The control vector checking process assures that C3 is properly specified.
Likewise, when a PU is imported the CF is permitted to change certain control vector fields, e.g., to record
import "history" about PU. If no change is needed or prescribed, then the CF sets C4 := C3; else the CF
produces C4 by making selected changes to C3.

The fundamental strategy followed in key import is to freely permit, rather than restrict, the key import
process, except that all relevant history and actions pertaining to the key and to the key import process are
recorded in the control vector of the imported key. Thereafter, when the key is used, the "history"
information in the control vector is tested to ensure that it meets whatever minimum standard has been
set forth. For example, when used together with a private key in one of the key management instructions,
such as a GKSP or IDK instruction, the logged "history" information in the control vector of the public key
must be at least as great as the threshold information that has been encoded into the control vector of the
private key at the time of key generation via the GPUPR instruction.
The Import Public key instruction executes only in the "run" state.

5 FUNCTIONAL SPECIFICATION: 

1 . Perform input parameter consistency checking: 

a. If import-mode = 0, then verify MDC-mode= 0 or 1 b. If import-mode = 0 and MDC-mode = 1, then 
verify 0 ^ MDC-index ^16, 
10 c. Verify that EKU1 is consistent to definition of an EKU. 

d. If import-mode = 1 , then verify that tKU2 is consistent to definition of an EKU. 

e. If import-mode = 0, verify that signature-mode = 0, 1 or 2. 

f. Else (import-mode = 1) verify signature-mode = 0 or 1. 

Continue if checking succeeds; otherwise set CC status flag and jump to step 13. 
75 2. Perform configuration vector and state vector checking: 

a. Verify that CF STATE in state vector is in the "run" state. 

b. Verify that KMP-FLAG(CKMP) in state vector is in the "full" state. 

c. Verify that DEFINE(IPUK) in config. vector = B'1'. 

d. Verify that ENABLE(IPUK) in state vector = B'OOV 

20 e. If import-mode = 0 and MDC-mode = 1, then verify EDUMDC FLAG(MDC-index) in state vector > 

BW. 

f. If signature-mode = 1 or signature-mode = 2, then verify that SIG-COMPATlBILITY(iPUK) in config. 
vector = B'r. 

Continue if checking succeeds; otherwise set CC status flag and jump to step 13. 
25 3. Perform control block and control vector checking. Continue if checking succeeds; otherwise set CC 
status flag and jump to step 13. 

A. Calculate MDC on EKU3, using the hash algorithm specified by input hash-rule, if import-mode = 0 and 
MDC-mode = 1. 

5. Initialize MDC Table entry, if import-mode = 0 and MDC-mode = 0 and EKU1 contains a PUC key: 
30 If import-mode = 0 and MDC-mode = 0, then do: 

a. Extract the system control block SCB1 from EKU1. 

b. Extract the control vector C1 from SCB1. 

c. If CV TYPE in 01 = 'PUC, then do: 
1) Verify 0 =< MDC-index =< 15. 

35 2) Set X : = value of DOMAIN ID in C1 (i.e., 0 to 15) 

3) Verify X = MDC-index 

4) Verify EKUMDC FLAG(MDC-index) in state vector = B'OO'. 

5) Continue if all of the above checking succeeds; otherwise set CC status flag and jump to step 13.

6) Calculate MDC on EKU1, using the hash algorithm specified by input hash-rule.

7) Set EKUMDC FLAG(MDC-index) in state vector := B'01'.

8) Set EKUMDC(MDC-index) in MDC Table := MDC (i.e., MDC calculated above)

6. Validate MDC if import-mode = 0 and MDC-mode = 1:

a. Set MDC-of-reference := EKUMDC(MDC-index) in MDC Table
b. Verify MDC-of-reference = MDC (calculated above)

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

7. Construct expected record-code1 to be referenced against record-code stored in cfssr1, if signature-mode = 0:

a. If import-mode = 0, then extract control vector C from EKU1.
b. If import-mode = 1, then extract control vector C from IKU2.
c. Construct record-code1 from control vector C.

8. Recover and validate cfssr1, if signature-mode = 0:

a. If import-mode = 0, then recover cryptographic facility system signature record cfssr1 from digital signature dsig1, using the public key stored in EKU1.
b. If import-mode = 1, then recover cryptographic facility system signature record cfssr1 from digital signature dsig1, using the public key stored in IKU2.
c. Verify that cfssr1 is consistent with the definition of a cryptographic facility system signature record.
d. Extract hash rule hash-rule1 from cfssr1.
e. Verify that record-code stored in cfssr1 is the same as record-code1.

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

9. Calculate hash value MDC1 on EKU1 using the hash algorithm specified by hash-rule1, if signature-mode = 0.

10. Validate MDC1 against reference MDC1 in cfssr1, if signature-mode = 0:

a. Extract the hash value stored in the hash field in cfssr1.
b. Verify that MDC1 is the same as the extracted hash value.

Continue if verification succeeds; otherwise set CC status flag and jump to step 13.

11. Construct outputs IKU3-length and IKU3:

a. If import-mode = 0, then set C2 := C1
b. Set C4 := C3 and update history information (HIST-IPUK, HIST-CHAIN, HIST-MDC, HIST-DOMAIN ID, and HIST-KREGMODE) in C4, using the Control Vector Generate.
c. Replace the value of the control vector stored in EKU1 with C4.
d. Construct a key authenticator record kar1 from the key record in EKU1, using the method specified in Key Record Encrypt Algorithm 12.
e. Construct a clear key unit CKU1 from EKU1 and kar1.
f. Set CKMP := value of KMP stored in the CKMP register.
g. Perform Encipher Clear Key Unit on CKU1 to obtain an internal key unit IKU3, using CKMP as the master key KMP.

12. Perform state vector update: None.

13. Produce output CC from CC status flags.
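Steps 7 through 10 above bind three things together before a public key is accepted: the record-code derived from the control vector carried in the key unit, the record-code inside the signed system signature record, and a hash of the key unit computed with the hash rule taken from that signed record (not from the caller). The following Python is an added illustration of that validation order for import-mode = 0; it is not code from the patent. MDC-2, MDC-4, MD4 and the quadratic-residue hash are not available in the standard library, so the hash-rule codes are mapped to hashlib digests truncated to 128 bits, the ISO 9796 message-recovery signature is replaced by a keyed tag that is checked before the record is decoded, and the record-code encoding (the leading CV TYPE byte) is an assumption made for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# The page's hash-rule codes are 0 = MDC-2, 1 = MDC-4, 2 = MD4, 3 = quadratic residue,
# 4-7 = reserved.  None of those are in the Python standard library, so this example
# (an assumption) substitutes hashlib digests truncated to the 128-bit width the page
# gives for the hash field of a CFSSR.
STAND_IN_HASH = {0: "sha256", 1: "sha512", 2: "sha1", 3: "blake2s"}
HASH_LEN = 16
TAG_LEN = 32


def cf_hash(hash_rule: int, data: bytes) -> bytes:
    if hash_rule not in STAND_IN_HASH:
        raise ValueError("hash-rule %d is reserved" % hash_rule)
    return hashlib.new(STAND_IN_HASH[hash_rule], data).digest()[:HASH_LEN]


def record_code_from_cv(cv: bytes) -> bytes:
    """Stand-in for 'construct record-code1 from control vector C' (assumed encoding:
    the leading CV TYPE byte of the 16-byte control vector)."""
    return cv[:1]


@dataclass(frozen=True)
class CFSSR:
    """Cryptographic facility system signature record: hash-rule, record-code, hash value."""
    hash_rule: int
    record_code: bytes
    hash_value: bytes

    def encode(self) -> bytes:
        return bytes([self.hash_rule]) + self.record_code + self.hash_value

    @staticmethod
    def decode(raw: bytes) -> "CFSSR":
        # step 8c: the recovered record must be consistent with the CFSSR definition
        if len(raw) != 2 + HASH_LEN or raw[0] > 7:
            raise ValueError("cfssr1 is not a well-formed CFSSR")
        return CFSSR(raw[0], raw[1:2], raw[2:])


def sign_record(stand_in_key: bytes, record: CFSSR) -> bytes:
    """Stand-in for the ISO 9796 message-recovery signature: record || tag."""
    raw = record.encode()
    return raw + hmac.new(stand_in_key, raw, "sha256").digest()


def recover_record(stand_in_key: bytes, dsig: bytes) -> CFSSR:
    """Stand-in for 'recover cfssr1 from dsig1 using the public key in EKU1/IKU2'."""
    raw, tag = dsig[:-TAG_LEN], dsig[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(stand_in_key, raw, "sha256").digest()):
        raise ValueError("signature does not verify")
    return CFSSR.decode(raw)


def validate_signed_key_unit(eku1: bytes, dsig1: bytes, verify_key: bytes) -> str:
    """Steps 7-10 for import-mode = 0.  Returns 'ok' or the name of the failed check."""
    cv = eku1[:16]                                  # step 7a: control vector C carried in EKU1
    record_code1 = record_code_from_cv(cv)          # step 7c
    try:
        cfssr1 = recover_record(verify_key, dsig1)  # steps 8a-8c
    except ValueError:
        return "signature"
    if cfssr1.record_code != record_code1:          # step 8e
        return "record-code"
    try:
        mdc1 = cf_hash(cfssr1.hash_rule, eku1)      # step 9: hash-rule1 comes from the signed record
    except ValueError:
        return "hash-rule"
    if not hmac.compare_digest(mdc1, cfssr1.hash_value):   # step 10
        return "hash"
    return "ok"


def demo():
    verify_key = b"constructed stand-in verification key"
    cv = bytes([0b11100000]) + bytes(15)            # constructed CV with CV TYPE = B'1110xxx'
    eku1 = cv + bytes(range(64))                    # constructed EKU1: control vector || key record
    cfssr1 = CFSSR(0, record_code_from_cv(cv), cf_hash(0, eku1))
    dsig1 = sign_record(verify_key, cfssr1)
    good = validate_signed_key_unit(eku1, dsig1, verify_key)
    tampered = validate_signed_key_unit(eku1[:-1] + bytes([eku1[-1] ^ 1]), dsig1, verify_key)
    retyped = validate_signed_key_unit(bytes([0b11000000]) + eku1[1:], dsig1, verify_key)
    return good, tampered, retyped
```

The ordering matters: a key unit whose control vector type was altered after signing fails at step 8e before any hash is computed, and a key unit whose key bytes were altered fails at step 10 even though the signature itself still verifies, because the signature covers the record, not the key unit directly.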

CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control block and control vector checking:

1. Extract SCB1 and C1 from EKU1:

a. Extract the system control block SCB1 from EKU1.
b. Extract control vector C1 from SCB1.

2. Extract SCB2 and C2 from IKU2, if import-mode = 1:

a. Extract system control block SCB2 from IKU2.
b. Extract control vector C2 from SCB2.

3. Checking on C1 (associated with PU to-be-imported):

a. Verify CV TYPE in C1 = B'1110xxx' (i.e., a public PKA key)
b. If import-mode = 0 and MDC-mode = 1, then do:

1) If CV TYPE in C1 = 'PUC', then verify MDC-index = DOMAIN ID in C1 (i.e., a value 0 to 15).
2) If CV TYPE in C1 ≠ 'PUC', then verify MDC-index = 16.

NOTE: For import-mode = 0, IPUK usage is not checked since the use of PU to validate a 'weak' signature is always implied.

4. Checking on C2, if import-mode = 0: none.

NOTE: The IPUK usage bit is not checked for import-mode = 0, since the usage in this case is implied.

5. Checking on C2 (associated with PU used to validate signature), if import-mode = 1:

a. Verify CV TYPE in C3 = B'1110xxx' (i.e., a public PKA key)
b. Verify IPUK usage bit in C2 = B'1' (i.e., enabled)
c. Perform Control Vector Validate on C2 to validate certain fields in C2.

6. Checking on C1 and C3:

a. Verify C3 = C1

NOTE: there are currently no fields in C1 that may be altered by CFAP.

7. (optional) Checking on SCB1, if import-mode = 0:

a. (optional) Verify that the current date and time is less than the expiration time Texp specified in SCB1.

NOTE: Tstart, Texp, and EID are checked only when an IKU is used.

8. Checking on SCB1, if import-mode = 1 (i.e., when PU is the key being imported): no checking required.

9. Checking on SCB2, if import-mode = 1 (i.e., when PU is used to verify a 'strong' signature):

a. Verify that the current date and time are in the time interval (Tstart, Texp), specified in SCB2 (i.e., Tstart =< DT < Texp).

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

In the above checking steps, it should be noted that import-mode = 1 implies that (1) signature-mode = 0 or signature-mode = 1 and that (2) an IKU2 is specified to the IPUK instruction.

Import Private Key (IPRK)

EQUATION:

input-source          /1b minimum/
<EKU1-length>         /16b/            ; if input-source=0
<EKU1>                /unspecified/    ; if input-source=0
--->
IKU2-length           /16b/
IKU2                  /unspecified/
CC                    /unspecified/
PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

INPUT-SOURCE The input-source parameter specifies the source of EKU1-length and EKU1, as follows:

o input-source=0 : instruction input
o input-source=1 : EKU buffer in CF Environment

EKU1-LENGTH The length of EKU1 in bytes. This input is required if input-source = 0.

EKU1 An External Key Unit containing the to-be-imported PR. This input is required if input-source = 0.
The value of EID in SCB1 must equal the value in the EID register. The value of Texp in SCB1 must
satisfy the relationship DT < Texp, where DT is the current date and time expressed in Coordinated
Universal Time.

OUTPUTS DESCRIPTION

IKU2-LENGTH The length of IKU2 in bytes.

IKU2 An Internal Key Unit containing the imported PR.

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Import Private Key instruction translates an External Key Unit EKU1 containing a PRU key to an
Internal Key Unit containing the PRU. An input source parameter indicates whether EKU1 is supplied as a
parameter input to the Import Private Key instruction or whether it is read from the EKU buffer in the CF
Environment. An EKU1 read from the EKU buffer must be loaded into the CF via a protected interface, e.g.,
a smart card reader.

The EID field in the System Control Block (SCB) of EKU1 must be initialized with 16 ASCII '0's or with a
value equal to the value stored in the EID register of the CF (i.e., the EID value originally set using an LPID
instruction).

The Import Private Key instruction executes only in the "run" state.



Generate Key Set PKA (GKSP)

EQUATION:

process-mode               /2b minimum/
domain-id                  /4b/            ; if process-mode=(0 or 1)
key-management-protocol    /1b minimum/    ; if process-mode=(0 or 1)
<key-management-mode>      /1b minimum/    ; if process-mode=(0 or 1), key-management-protocol=1
<PR-mode>                  /1b minimum/    ; if process-mode=(0 or 2)
<hash-rule>                /3b minimum/    ; if process-mode=(0 or 2), PR-mode=1
<IKU1-length>              /16b/           ; if process-mode=(0 or 2)
<IKU1>                     /unspecified/   ; if process-mode=(0 or 2)
<IKU2-length>              /16b/           ; if process-mode=(0 or 2), PR-mode=1
<IKU2>                     /unspecified/   ; if process-mode=(0 or 2), PR-mode=1
<ticket-in>                /64b/           ; if process-mode=2
<C3>                       /128b/          ; if process-mode=(0 or 1)
<C4>                       /128b/          ; if process-mode=(0 or 1)
--->
<e*KM.C4(KKL)>             /64b/           ; if process-mode=(0 or 1)
<e*KM.C5(KKR)>             /64b/           ; if process-mode=(0 or 1)
<keyblk-length>            /16b/           ; if process-mode=(0 or 2)
<ePUM(keyblk)>             /unspecified/   ; if process-mode=(0 or 2)
<dsig1-length>             /16b/           ; if process-mode=(0 or 2), PR-mode=1
<dsig1>                    /unspecified/   ; if process-mode=(0 or 2), PR-mode=1
<ticket-out>               /64b/           ; if process-mode=1
CC                         /unspecified/
PARAMETER DEFINITIONS:

INPUTS DESCRIPTION

PROCESS-MODE Specifies the instruction processing mode, as follows:

o process-mode=0 : produce outputs from inputs
o process-mode=1 : produce intermediate outputs from inputs
o process-mode=2 : produce outputs from intermediate outputs

DOMAIN-ID The domain-id parameter specifies a domain identifier that ranges from 0 to 15. When C3 and
C4 are 64 bit control vectors (EXTENSION = B'00'), a value of domain-id=0 must be specified. This
parameter is required only when process-mode=(0 or 1).

KEY-MANAGEMENT-PROTOCOL The key-management-protocol parameter specifies the protocol used for key
management, as follows:

o key-management-protocol=0 : private protocol
o key-management-protocol=1 : certification center protocol

This parameter is required only when process-mode=(0 or 1).

KEY-MANAGEMENT-MODE The key-management-mode parameter specifies the method (called mode) used to
register a public key management key with the certification center, as follows:

o key-management-mode=0 : key registration is performed using mode 0
o key-management-mode=1 : key registration is performed using mode 1

The CF does not define the meaning of modes 0 and 1. These modes are defined on the basis of the network
key management architecture, and (as far as the CF is concerned) can be whatever a customer wants them to
be. This parameter is required only when process-mode=(0 or 1) and key-management-protocol=1.

PR-MODE The PR-mode parameter specifies whether a digital signature is generated and, if so, then also the
source of PR.

o PR-mode=0 : no
o PR-mode=1 : yes, use PR in IKU2

This parameter is required only when process-mode=0 or process-mode=2.

HASH-RULE Specifies the hash algorithm to be used to calculate a hash value on ePUM(keyblk). The encoding
of the hash-rule is as follows:

o hash-rule = 0 : MDC-2 algorithm
o hash-rule = 1 : MDC-4 algorithm
o hash-rule = 2 : MD4 algorithm
o hash-rule = 3 : quadratic residue
o hash-rule = 4-7 : reserved

This parameter is required only when process-mode=(0 or 2) and PR-mode=1.

IKU1-LENGTH The length of IKU1 in bytes. This parameter is required only when process-mode=(0 or 2).

IKU1 An Internal Key Unit containing a PUM of another device and belonging to domain-id. The value of EID
in SCB1 must not equal the value in the EID register. The values of Tstart and Texp in SCB1 must satisfy
the relationship Tstart < DT < Texp, where DT is the current date and time expressed in Coordinated
Universal Time. This parameter is required only when process-mode=(0 or 2).

IKU2-LENGTH The length of IKU2 in bytes. This parameter is required only when process-mode=(0 or 2) and
PR-mode=1.

IKU2 An Internal Key Unit containing a PRM of this device and belonging to domain-id. The value of EID in
SCB2 must equal the value in the EID register. The values of Tstart and Texp in SCB2 must satisfy the
relationship Tstart =< DT < Texp, where DT is the current date and time expressed in Coordinated Universal
Time. This parameter is required only when process-mode=(0 or 2) and PR-mode=1.

TICKET-IN An 8-byte value that must be equal to the 8-byte value stored in the GKSP-Ticket register in the
CF. This parameter is required only when process-mode=2.

C3 A 16-byte control vector associated with the leftmost 64 bits of the key-encrypting receiver key KK to
be exported to a receiving cryptographic system. For process-mode=0, C3 MUST be equal to the control
vector stored in keyblk of output parameter ePUM(keyblk). See control vector checking for a specification
of C3. This parameter is required only when process-mode=(0 or 1).

C4 A 16-byte control vector associated with KKL, where KKL is the leftmost 64 bits of the key-encrypting
sender key KK to be retained at the generating cryptographic system. This parameter is required only when
process-mode=(0 or 1).

OUTPUTS DESCRIPTION

E*KM.C4(KKL) 64 bit key KKL enciphered under 128 bit master key KM and 128 bit control vector C4. KKL is
the left half of a 128 bit key-encrypting key. This parameter is produced only when process-mode=(0 or 1).

E*KM.C5(KKR) 64 bit key KKR enciphered under 128 bit master key KM and 128 bit control vector C5. KKR is
the right half of a 128 bit key-encrypting key. This parameter is produced only when process-mode=(0 or 1).

KEYBLK-LENGTH The length of keyblk and ePUM(keyblk) in bits. This parameter is produced only when
process-mode=(0 or 2).

EPUM(KEYBLK) keyblk encrypted with public key PUM of another device. For process-mode=0, keyblk is a key
block produced from a Crypto Facility DEA Key Record (CFDKR). For process-mode=(1 or 2), keyblk has an
unspecified format. This parameter is produced only when process-mode=(0 or 2).

DSIG1-LENGTH The length of dsig1 in bits. This parameter is produced only when process-mode=(0 or 2) and
PR-mode=1.

DSIG1 A digital signature produced from a CF System Signature Record (CFSSR) and a private key management
key PRM of this device, in accordance with section 6 of ISO DIS 9796. The CFSSR contains a 128-bit hash
value calculated on ePUM(keyblk). This parameter is produced only when process-mode=(0 or 2) and
PR-mode=1.

TICKET-OUT An 8-byte value equal to an 8-byte value stored in the GKSP-Ticket register in the CF. This
parameter is produced only when process-mode=1.

CC Condition code indicating success or failure of the instruction execution.

DESCRIPTION:

The Generate Key Set PKA instruction generates two encrypted copies of a 128-bit key-encrypting key,
KK = (KKL, KKR), where KKL and KKR are the left and right 64-bit parts of KK. The first copy, which is
encrypted with the master key, is for local use at the generating device. The second copy, which is
encrypted with a public key management key, is distributed to a receiving device where it is imported with
an IDK instruction. At the generating device, KK is designated (via a control vector) to be a key-encrypting
sender key with a 'GKS OP-EX' attribute. At the receiving device, KK is designated (via a control vector) to
be a key-encrypting receiver key with an 'RTMK' attribute. (When the receiving device does not implement
PKCD or control vectors, KK usage must be controlled via other means.) The EXPORT CONTROL field in
the control vectors associated with KK must also specify 'no export.'

The first encrypted copy of KK has the form e*KM.C4(KKL), e*KM.C5(KKR), where e*KM.C4(KKL) and
e*KM.C5(KKR) are the encrypted left and right 64-bit parts of KK, respectively. KM.C4 and KM.C5 are
variant keys formed as the Exclusive-OR product of master key KM and control vectors C4 and C5,
respectively. C4 and C5 are control vectors associated with KKL and KKR, respectively. The second
encrypted copy of KK has the form ePUM(keyblk), where PUM is the public key management key of the
receiving device and keyblk is a key block containing KK.

A process-mode parameter provides different processing options within the GKSP instruction. When
process-mode = 0 is specified, keyblk is a key block produced from a Crypto Facility DEA Key Record
(CFDKR). The format of the CFDKR and the algorithm for producing keyblk from CFDKR are rigidly defined
by PKCD. Process-modes 1 and 2 permit a keyblk with unspecified format to be processed. This is
accomplished by invoking the GKSP instruction with process-mode = 1 to produce a CFDKR stored within
the CF, then invoking a Translate-from-CFDKR instruction which translates CFDKR to a specified key block
(keyblk) also stored within the CF, and finally invoking the GKSP instruction with process-mode = 2 to take
the so-translated keyblk and encrypt it with the public key management key, PUM, of the receiving device.
The aim of process-modes 1 and 2 is to remove the translation step from the GKSP instruction, so that the
GKSP instruction need not directly implement a host of different possible translation options for
compatibility with other non-PKCD devices. A significant advantage can be achieved if the
Translate-from-CFDKR instruction is implemented within a programmable memory within the CF.

The Generate Key Set PKA instruction has options for generating a system signature, dsig1, on output
ePUM(keyblk) (PR-mode = 1) or not generating a system signature on output ePUM(keyblk) (PR-mode = 0).
When PR-mode = 1 is specified, a private key management key, PRM, belonging to the sending device is
used to generate the system signature. A hash-rule parameter indicates to the GKSP instruction the hash
algorithm to be used in generating the digital signature.

The Generate Key Set PKA instruction executes only in the "run" state.

FUNCTIONAL SPECIFICATION:

1. Verify process-mode = 0, 1, or 2. If verification fails, set CC status flag and jump to step 13.

2. Validate ticket-in, and extract fields from CF Environment, if process-mode = 2:
If process-mode = 2 then do:

a. Verify GKSP Buffer Flag in CF Environment = 2 or 3. If verification fails then set CC status flag and
jump to step 13.
b. Verify ticket-in = value stored in GKSP Ticket field in CF Environment. If verification fails then set
CC status flag and jump to step 13.
c. Set domain-id := bits 00..03 of GKSP Save field in CF Environment
d. Set key-management-protocol := bit 04 of GKSP Save field in CF Environment
e. Set key-management-mode := bit 05 of GKSP Save field in CF Environment.

3. Perform input parameter consistency checking if process-mode = 0 or 2:
If process-mode = 0 or process-mode = 2 then do:

a. Verify PR-mode = 0 or 1
b. Verify that IKU1 is consistent with the definition of an IKU.
c. If PR-mode = 1, then verify that IKU2 is consistent with the definition of an IKU.

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

4. Perform configuration vector and state vector checking:

a. Verify that DEFINE(GKSP) in config. vector = B'1'.
b. If key-management-protocol = 1, then KMGT PROTOCOL in config. vector = B'11' or B'10'.
c. If key-management-protocol = 1 and key-management-mode = 0, then KREG in config. vector = B'0'.
d. If key-management-protocol = 0, then KMGT PROTOCOL in config. vector = B'11' or B'01'.
e. Verify that CF STATE in state vector is in the "run" state
f. Verify that KMP-FLAG(CKMP) in state vector is in the "full" state.
g. Verify that CKM FLAG in state vector is in the "full" state.
h. (optional) Verify LPID FLAG in state vector is in the "full" state.
i. Verify that ENABLE(GKSP) in state vector = B'00'.

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

5. Perform control block and control vector checking. Continue if checking succeeds; otherwise set CC
status flag and jump to step 13.

6. Construct a record code record-code1 for cfdkr1 based on parameters key-management-protocol and
key-management-mode, if process-mode = 0 or process-mode = 1.

7. Construct cfdkr1 if process-mode = 0 or process-mode = 1:

a. Generate a 128-bit random key KK consisting of a 64-bit left half KKL and a 64-bit right half KKR.
b. Adjust parity of KK to odd parity
c. Set EID := contents of the EID register in CF Environment.
d. Construct the cryptographic facility DEA key record cfdkr1 based on KK, EID, C3, and record-code1.

8. Produce outputs e*KM.C4(KKL) and e*KM.C5(KKR) if process-mode = 0 or process-mode = 1:
If process-mode = 0 or process-mode = 1 then do:

a. Set KM := contents of CKM Register in the CF Environment.
b. Exclusive-OR KM to C4 and use the resulting key to encrypt KKL.
c. Set C5 := C4 and invert the values in bits 41 and 42 in C5 (i.e., adjust the KEY FORM field in C5).
d. Exclusive-OR KM to C5 and use the resulting key to encrypt KKR.
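Steps 7 and 8, together with the description's sentence that KM.C4 and KM.C5 are the Exclusive-OR product of the master key and the control vectors, are shown below as an added Python example that is not part of the patent. The DEA-based e* encipherment is not in the standard library, so a keyed 64-bit pseudo-random mapping stands in for it (an assumption, labelled in the code); the KEY FORM field is read as bits 40..42, which is also an assumption, since the page states only that bits 41 and 42 adjust it and that KKL carries KEY FORM B'010' or B'110'.

```python
import hashlib
import os


def odd_parity(key: bytes) -> bytes:
    """Step 7b: force odd parity on every byte (the DEA key convention) by setting its low-order bit."""
    out = bytearray()
    for b in key:
        data_ones = bin(b >> 1).count("1")          # the seven data bits of the byte
        out.append((b & 0xFE) | (0 if data_ones % 2 else 1))
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    return all(bin(b).count("1") % 2 == 1 for b in key)


def flip_bits(cv: bytes, *positions: int) -> bytes:
    """Invert the named bit positions; bit 0 is the most significant bit of byte 0."""
    out = bytearray(cv)
    for pos in positions:
        out[pos // 8] ^= 0x80 >> (pos % 8)
    return bytes(out)


def key_form(cv: bytes) -> int:
    """KEY FORM read as bits 40..42 (assumed; the page gives only that bits 41 and 42 adjust it)."""
    return (cv[5] >> 5) & 0b111


def variant_key(km: bytes, cv: bytes) -> bytes:
    """KM.C = KM XOR C, both 128 bits."""
    if len(km) != 16 or len(cv) != 16:
        raise ValueError("KM and the control vector must both be 128 bits")
    return bytes(a ^ b for a, b in zip(km, cv))


def stand_in_encipher(key128: bytes, block64: bytes) -> bytes:
    """Stand-in for e* (assumption): a keyed 64-bit pseudo-random mapping, not DEA."""
    return hashlib.blake2b(block64, key=key128, digest_size=8).digest()


def generate_key_set(km: bytes, c4: bytes, kk: bytes = None):
    """Steps 7a/7b and 8a-8d.  kk may be supplied (constructed input) or is drawn at random."""
    kk = odd_parity(os.urandom(16) if kk is None else kk)
    kkl, kkr = kk[:8], kk[8:]
    c5 = flip_bits(c4, 41, 42)                            # step 8c: KEY FORM left half -> right half
    e_kkl = stand_in_encipher(variant_key(km, c4), kkl)   # step 8b: e*KM.C4(KKL)
    e_kkr = stand_in_encipher(variant_key(km, c5), kkr)   # step 8d: e*KM.C5(KKR)
    return kk, c5, e_kkl, e_kkr
```

Because C5 differs from C4 only in the KEY FORM bits, the two halves are enciphered under two different variant keys, so a caller holding e*KM.C4(KKL) cannot present it where a right half is expected: the control vector, not the caller, decides which half a ciphertext is.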

9. Produce output ticket-out and store parameter values in CF Environment if process-mode = 1:
If process-mode = 1 then do:

a. Generate a 64-bit random number and assign it to ticket-out.
b. Save parameter values in CF Environment:

1) Set GKSP Ticket field in CF Environment := ticket-out
2) Set GKSP Save field in CF Environment := domain-id || key-management-protocol || key-management-mode || B'00'
3) Set GKSP Buffer Flag in CF Environment := 1.
4) Set GKSP Buffer field in CF Environment := 416-bit cfdkr1 (left-justified in GKSP Buffer field).
5) Set GKSP Record Length field in CF Environment := 416
6) Set GKSP Buffer Length field in CF Environment := value of GKSP-buffer-length in Configuration Table.

10. Produce outputs keyblk-length and ePUM(keyblk) if process-mode = 0 or process-mode = 2:

a. If process-mode = 0 then do:

1) Set key-process := 1
2) Set cfdkr1-length := 416

b. If process-mode = 2 then do:

1) Set key-process := value of GKSP Buffer Flag in CF Environment - 2 /* i.e., key-process := 0 if
GKSP Buffer Flag = 2, or key-process := 1 if GKSP Buffer Flag = 3 */
2) Set cfdkr1-length := value stored in GKSP Record Length field in CF Environment
3) Set cfdkr1 := the leftmost cfdkr1-length bits of value stored in GKSP-buffer.

c. Construct an encrypted DEA key block ePUM(keyblk) from cfdkr1, using the public key PUM stored in
IKU1. Note: keyblk-length is also produced by this step.

11. Produce outputs dsig1-length and dsig1, if (process-mode = 0 or process-mode = 2) and if PR-mode = 1:

a. Extract 16-byte control vector C from IKU2
b. Construct record-code to be stored in a cryptographic facility system signature record, based on
control vector C.
c. Calculate a hash value on ePUM(keyblk), using the hash algorithm specified by input hash-rule.
d. Construct a cryptographic facility system signature record cfssr1 from hash-rule, record-code, and
the calculated hash value.
e. Calculate digital signature dsig1 on the constructed cfssr1, using the private key stored in IKU2.

12. Reset CF Environment parameters if process-mode = 2:
If process-mode = 2 then do:

a. Set GKSP Ticket field in CF Environment := 8 X'00'
b. Set GKSP Save field in CF Environment := X'00'
c. Set GKSP Buffer Flag in CF Environment := 0.

13. Produce output CC from CC status flags.
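Steps 2, 9 and 12 describe a one-shot session held inside the CF: process-mode = 1 stores the intermediate record together with a random ticket and the parameters that were checked, process-mode = 2 releases the record only to the holder of that ticket and only once the buffer flag shows the translation step has run, and the state is then wiped. The Python below is an added model of that exchange, not code from the patent. The CF Environment fields, the packing of the GKSP Save byte (domain-id in bits 00..03, the protocol in bit 04, the mode in bit 05, as step 9b.2 states) and the behaviour of the Translate-from-CFDKR instruction, which the page does not specify and which is assumed here to advance the buffer flag to 2, are constructed for the example.

```python
import hmac
import secrets


class CFEnvironment:
    """Constructed model of the CF Environment fields the GKSP steps touch (example only)."""

    def __init__(self):
        self.gksp_ticket = bytes(8)      # 8 X'00' when idle (step 12a)
        self.gksp_save = 0               # domain-id || kmp || kmm || B'00' packed in one byte
        self.gksp_buffer_flag = 0
        self.gksp_buffer = b""
        self.gksp_record_length = 0      # in bits


def pack_save(domain_id: int, kmp: int, kmm: int) -> int:
    # step 9b.2: bits 00..03 = domain-id, bit 04 = key-management-protocol, bit 05 = key-management-mode
    if not 0 <= domain_id <= 15 or kmp not in (0, 1) or kmm not in (0, 1):
        raise ValueError("parameter out of range")
    return (domain_id << 4) | (kmp << 3) | (kmm << 2)


def unpack_save(save: int):
    # steps 2c-2e
    return save >> 4, (save >> 3) & 1, (save >> 2) & 1


def gksp_mode1(env: CFEnvironment, domain_id: int, kmp: int, kmm: int, cfdkr1: bytes) -> bytes:
    """Step 9: produce ticket-out and stash the intermediate record inside the CF."""
    ticket_out = secrets.token_bytes(8)          # step 9a: 64-bit random number
    env.gksp_ticket = ticket_out                 # step 9b.1
    env.gksp_save = pack_save(domain_id, kmp, kmm)
    env.gksp_buffer_flag = 1                      # step 9b.3
    env.gksp_buffer = cfdkr1                      # step 9b.4 (416-bit cfdkr1 in the real CF)
    env.gksp_record_length = len(cfdkr1) * 8      # step 9b.5
    return ticket_out


def translate_from_cfdkr(env: CFEnvironment, keyblk: bytes) -> None:
    """Assumed behaviour of the Translate-from-CFDKR instruction (not specified on the page):
    replaces the buffered record and sets the buffer flag to 2, the value step 2a expects."""
    env.gksp_buffer = keyblk
    env.gksp_record_length = len(keyblk) * 8
    env.gksp_buffer_flag = 2


def gksp_mode2(env: CFEnvironment, ticket_in: bytes):
    """Steps 2, 10b and 12 of process-mode = 2. Returns (ok, recovered parameters, keyblk)."""
    # step 2a: the buffered record is usable only once the translation step has run
    if env.gksp_buffer_flag not in (2, 3):
        return False, None, None
    # step 2b: and only by the holder of the ticket issued in process-mode = 1
    if not hmac.compare_digest(ticket_in, env.gksp_ticket):
        return False, None, None
    domain_id, kmp, kmm = unpack_save(env.gksp_save)           # steps 2c-2e
    key_process = env.gksp_buffer_flag - 2                     # step 10b.1
    keyblk = env.gksp_buffer[: env.gksp_record_length // 8]    # step 10b.3
    # step 12: wipe the session so the same ticket cannot be replayed
    env.gksp_ticket = bytes(8)
    env.gksp_save = 0
    env.gksp_buffer_flag = 0
    return True, (domain_id, kmp, kmm, key_process), keyblk


def demo():
    env = CFEnvironment()
    ticket = gksp_mode1(env, domain_id=5, kmp=1, kmm=0, cfdkr1=b"\xaa" * 52)
    too_early = gksp_mode2(env, ticket)[0]          # flag still 1: rejected
    translate_from_cfdkr(env, keyblk=b"\xbb" * 40)
    wrong = gksp_mode2(env, bytes(8))[0]            # wrong ticket: rejected
    ok, params, keyblk = gksp_mode2(env, ticket)
    replay = gksp_mode2(env, ticket)[0]             # state reset by step 12: rejected
    return too_early, wrong, ok, params, keyblk, replay
```

The flag check precedes the ticket comparison, so the all-zero value the ticket field holds when idle never authorises anything, and the parameters recovered in step 2 come from the CF's own copy rather than being supplied again by the caller.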
CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control block and control vector checking:

A. Perform the checking in steps 1, 2, and 3, if process-mode = 0 or process-mode = 1:

1. Checking on C3 (associated with KKL sent to receiver):

a. CV TYPE in C3 = 'Key-Encrypting Receiver Key'
b. Verify RTMK in C3 = B'1' (i.e., enabled)
c. Verify XLTKEY-in in C3 = B'0' (i.e., disabled)
d. Verify GKS in C3 = B'000' (i.e., disabled)
e. Verify EXPORT CONTROL in C3 = B'0' (i.e., export via RFMK not permitted)
f. If EXTENSION in C3 = B'00', then verify domain-id (in instruction) = 0
g. Verify KEY FORM = B'010' or B'110' (i.e., KKL)
h. Verify EXTENSION in C3 = B'00' or B'01'.
i. If EXTENSION in C3 = B'00', then do:

1) Verify C3R = C3L (i.e., CV EXTENSION = CV BASE)
2) Verify domain-id (in instruction) = 0

j. If EXTENSION in C3 = B'01', then do:

1) Verify DOMAIN ID in C3 = domain-id (in instruction).
2) Verify HIST-GKSP/IDK field in C3 = B'1'

2. Checking on C4 (associated with KKL retained by sender):

a. CV TYPE in C4 = 'Key-Encrypting Sender Key'
b. Verify GKS in C4 = B'111' (i.e., enabled)
c. Verify RFMK in C4 = B'0' (i.e., disabled)
d. Verify XLTKEY-out in C4 = B'0' (i.e., disabled)
e. Verify EXPORT CONTROL in C4 = B'0' (i.e., export via RFMK not permitted)
f. If EXTENSION in C4 = B'00', then do:

1) Verify C4R = C4L (i.e., CV EXTENSION = CV BASE)
2) Verify domain-id (in instruction) = 0

3. Checking on C3 and C4:

a. Verify KEY FORM in C4 = KEY FORM in C3.
b. Verify EXTENSION in C4 = EXTENSION in C3.
c. If LOG INDICATOR in C3 = 1 then LOG in C3 = USAGE in C4 (i.e., C3(50..54) = C4(18..22))
d. If LOG INDICATOR in C4 = 1 then LOG in C4 = USAGE in C3 (i.e., C4(50..54) = C3(18..22))
e. If EXTENSION = B'01', then verify C4R = C3R

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.
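The cross-checks in step 3 (and the mirror checks in 1i and 2f) are bit-field comparisons between the receiver's control vector C3 and the sender's C4. The Python below is an added example of such a checker, not code from the patent. The only bit positions the page gives are USAGE = bits 18..22 and LOG = bits 50..54 (and that bits 41 and 42 lie in KEY FORM); the positions assumed here for KEY FORM (40..42), LOG INDICATOR (23) and EXTENSION (24..25) are placeholders chosen for the example and marked as such in the layout table.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Field:
    first: int   # inclusive bit positions; bit 0 is the most significant bit of byte 0
    last: int


# Positions the page states: USAGE = C(18..22), LOG = C(50..54); KEY FORM is adjusted
# through bits 41 and 42.  The remaining positions are ASSUMED for this example only.
LAYOUT = {
    "USAGE": Field(18, 22),
    "LOG INDICATOR": Field(23, 23),   # assumed
    "EXTENSION": Field(24, 25),       # assumed
    "KEY FORM": Field(40, 42),        # assumed three-bit field ending at bit 42
    "LOG": Field(50, 54),
}


def get_field(cv: bytes, name: str) -> int:
    f = LAYOUT[name]
    value = 0
    for pos in range(f.first, f.last + 1):
        value = (value << 1) | ((cv[pos // 8] >> (7 - pos % 8)) & 1)
    return value


def set_field(cv: bytes, name: str, value: int) -> bytes:
    f = LAYOUT[name]
    width = f.last - f.first + 1
    if value >> width:
        raise ValueError("value does not fit in %s" % name)
    out = bytearray(cv)
    for i, pos in enumerate(range(f.first, f.last + 1)):
        mask = 0x80 >> (pos % 8)
        if (value >> (width - 1 - i)) & 1:
            out[pos // 8] |= mask
        else:
            out[pos // 8] &= ~mask & 0xFF
    return bytes(out)


def check_c3_c4(c3: bytes, c4: bytes) -> list:
    """Checks 3a-3e plus the EXTENSION = B'00' mirror checks 1i.1 and 2f.1.
    Returns the list of failed checks; an empty list means the pair passes."""
    failures = []
    if len(c3) != 16 or len(c4) != 16:
        return ["length"]
    if get_field(c4, "KEY FORM") != get_field(c3, "KEY FORM"):
        failures.append("3a KEY FORM")
    ext = get_field(c3, "EXTENSION")
    if get_field(c4, "EXTENSION") != ext:
        failures.append("3b EXTENSION")
    if get_field(c3, "LOG INDICATOR") == 1 and get_field(c3, "LOG") != get_field(c4, "USAGE"):
        failures.append("3c LOG(C3) = USAGE(C4)")
    if get_field(c4, "LOG INDICATOR") == 1 and get_field(c4, "LOG") != get_field(c3, "USAGE"):
        failures.append("3d LOG(C4) = USAGE(C3)")
    if ext == 0b01 and c4[8:] != c3[8:]:
        failures.append("3e C4R = C3R")
    if ext == 0b00:
        if c3[8:] != c3[:8]:
            failures.append("1i C3R = C3L")
        if c4[8:] != c4[:8]:
            failures.append("2f C4R = C4L")
    return failures


def build_pair():
    """Constructed sample C3/C4 pair: 64-bit base mirrored into the extension (EXTENSION = B'00')."""
    c3 = set_field(bytes(16), "KEY FORM", 0b010)       # KKL, as check 1g requires
    c3 = set_field(c3, "USAGE", 0b10101)
    c3 = c3[:8] * 2
    c4 = set_field(c3, "LOG INDICATOR", 1)
    c4 = set_field(c4, "LOG", get_field(c3, "USAGE"))  # 3d: LOG in C4 mirrors USAGE in C3
    c4 = c4[:8] * 2
    return c3, c4
```

Returning every failed check rather than stopping at the first makes the reason for a rejected pair visible in a log line, while the instruction itself still collapses the result into a single CC status flag.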

B. Perform the checking in steps 4 through 10, if process-mode = 0 or process-mode = 2:

4. Extract SCB1 and C1 from IKU1:

a. Extract system control block SCB1 from IKU1.
b. Extract control vector C1 from SCB1.

5. Extract SCB2 and C2 from IKU2, if PR-mode = 1:

a. Extract system control block SCB2 from IKU2.
b. Extract control vector C2 from SCB2.

6. Checking on C1 (associated with PUM):

a. Verify CV TYPE in C1 = 'public key management key'
b. Note: checking on CV TYPE EXTENSION has been deleted.
c. Verify GKSP usage in C1 = B'1' (i.e., enabled)
d. Verify HIST-IPUK = B'1' (i.e., imported)
e. Verify DOMAIN ID in C1 = domain-id (in instruction)
f. If key-management-protocol (in instruction) = B'1' (i.e., 'certification center protocol'), then do:

1) If key-management-mode (in instruction) = 0, then KREGMODE in C1 = B'01'.
2) If key-management-mode (in instruction) = 1, then KREGMODE in C1 = B'10'.
3) Verify HIST-CHAIN in C1 = 2.

g. Perform Control Vector Validate on C1 to validate certain fields in C1.
h. Verify HIST-MDC in C1 >= FLOOR-MDC in configuration vector.

7. Checking on C2 (associated with PRM), if PR-mode = 1:

a. Verify CV TYPE in C2 = 'private key management key'
b. Verify GKSP in C2 = B'1' (i.e., enabled)
c. Verify DOMAIN ID in C2 = domain-id (in instruction)
d. Perform Control Vector Validate on C2 to validate certain fields in C2.
e. Verify RC2 = 0

8. Checking on C1 and C2 (associated with PUM and PRM), if PR-mode = 1:

a. Verify HIST-MDC in C1 >= THRES-MDC in C2. (This check is valid for private protocols and
certification center protocols.)
b. Note: checking on CV TYPE EXTENSION has been deleted.

9. Checking on SCB1:

a. Verify that the current date and time are in the time interval (Tstart, Texp), specified in SCB1 (i.e.,
Tstart =< DT < Texp).
b. Verify that the Environment ID stored in the EID register is not the same as the Environment ID
stored in SCB1.

10. Checking on SCB2, if PR-mode = 1:

a. Verify that the current date and time are in the time interval (Tstart, Texp), specified in SCB2 (i.e.,
Tstart =< DT < Texp).
b. Verify that the Environment ID stored in the EID register is the same as the Environment ID
stored in SCB2.

Continue if checking succeeds; otherwise set CC status flag and jump to step 13.

Import DEA Key (IDK)

EQUATION:

process-mode               /2b minimum/
domain-id                  /4b/            ; if process-mode=(0 or 1)
key-management-protocol    /1b minimum/    ; if process-mode=(0 or 1)
<key-management-mode>      /1b minimum/    ; if process-mode=(0 or 1), key-management-protocol=1
<IKU1-length>              /16b/           ; if process-mode=(0 or 1), dsig1-length>0
<IKU1>                     /unspecified/   ; if process-mode=(0 or 1), dsig1-length>0
<IKU2-length>              /16b/           ; if process-mode=(0 or 1)
<IKU2>                     /unspecified/   ; if process-mode=(0 or 1)
<keyblk-length>            /16b/           ; if process-mode=(0 or 1)
<ePUM(keyblk)>             /unspecified/   ; if process-mode=(0 or 1)
<dsig1-length>             /16b/           ; if process-mode=(0 or 1)
<dsig1>                    /unspecified/   ; if process-mode=(0 or 1), dsig1-length>0
<ticket-in>                /64b/           ; if process-mode=2
<sender-EID>               /128b/          ; if process-mode=(0 or 2)
<C3>                       /128b/          ; if process-mode=(0 or 2)
<C4>                       /128b/          ; if process-mode=(0 or 2)
--->
<e*KM.C5(KKL)>             /64b/           ; if process-mode=(0 or 2)
<e*KM.C6(KKR)>             /64b/           ; if process-mode=(0 or 2)
<ticket-out>               /64b/           ; if process-mode=1
CC                         /unspecified/

PARAMETER DEFINITIONS:
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INPUTS DESCRIPTION 

PROCESS-MODE specifies the instruction processing mode, 
as follows: 

o process-mocle=0 : produce outputs from 
inputs 

o process -mode=l : produce intermediate 
outputs from inputs 
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o process -mode=2 : produce outputs from 
intermediate outputs 

DOMAIN-ID The domain-id parameter specifies a domain 

identifier that ranges from 0 to 15 • When C3 
and C4 are 64 bit control vectors (EXTENSION 
- B'OO'), a value of domain-id=0 must be 
specified. This parameter is required only 
when process -mode= ( 0 or !)• 

KEY-MANAGEMENT-PROTOCOL 

The key-management-protocol parameter 
specifies the protocol used for key manage- 
ment, as follows: 



o key-management-protocol=0 : private 
protocol 

o key-management-protocol=l : certifica- 
tion center protocol 

This parameter is required only when process- 
mode= (0 or 1 ) . 



KEY-MANAGEMENT-MODE 

The key-management-mode parameter specifies 
the method (called mode) used to register a 
public key management key with the certifica- 
tion center, as follows: 



o key-management-mode=0 : key registration 
45 is performed using mode 0 

o key-management-mode=l : key registration 
is performed using mode 1 



50 



The CF does not define the meaning of modes 
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10 



I KUl- LENGTH 



75 



IKUl 



20 



25 



30 



35 



IKU2 -LENGTH 



IKU2 



40 



45 



0 and 1. These modes are defined on the basis 
of the network key management architecture, 
and (as far as the CF is concerned) can be 
whatever a customer wants them to be. This 
parameter is required only when process- 
mode=(0 or 1) and key-management-protocol=l • 

The length of IKUl in bytes. This parameter 
is required only when process-mode= { 0 or 1) 
and dsigl-length >^ 0. 

An Internal Key Unit containing a PUM of 
another device and belonging to domain-id* 
The value of EID in SCBl must not equal the 
value in the EID register. The values of 
Tstart and Texp in SCBl must satisfy the 
relationship Tstart =< DT < Texp, where DT 
is the current date and time expressed in 
Coordinated Universal Time. This parameter 
is required only when process -mode= ( 0 or 1) 
and dsigl-length >^ 0. 

The length of IKU2 in bytes. This parameter 
is required only when process-mode= ( 0 or 1). 

An Internal Key Unit containing a PRM of 
this device and belonging to domain-id. The 
value of EID in SCB2 must equal the value in 
the EID register. The values of Tstart and 
Texp in SCB2 must satisfy the relationship 
Tstart < DT < Texp, where DT is the current 
date and time expressed in Coordinated 
Universal Time. This parameter is required 
only when process-mode= ( 0 or 1). 
KEYBLK-LENGTH   The length of keyblk and ePUM(keyblk) in
                bits. This parameter is required only when
                process-mode=(0 or 1).

EPUM(KEYBLK)    keyblk encrypted with public key PUM of this
                device. For process-mode=0, keyblk is a key
                block produced from a Crypto Facility DEA Key
                Record (CFDKR). For process-mode=(1 or 2),
                keyblk has an unspecified format. This
                parameter is required only when process-mode=(0
                or 1).

DSIG1-LENGTH    The length of dsig1 in bits. A value of
                dsig1-length=0 indicates that no dsig1
                parameter is specified to the IDK instruction.
                This parameter is required only when process-
                mode=(0 or 1).

DSIG1           A digital signature produced from a CF System
                Signature Record (CFSSR) and a private key
                management key PRM of another device, in
                accordance with section 6 of ISO DIS 9796.
                The CFSSR contains a 128-bit hash value
                calculated on ePUM(keyblk). This parameter
                is required only when process-mode=(0 or 1)
                and dsig1-length > 0.

TICKET-IN       An 8-byte value that must be equal to the
                8-byte value stored in the IDK Ticket field
                in the CF Environment. This parameter is
                required only when process-mode=2.

SENDER-EID      A 128-bit environment ID of the sender of
                the DEA key. This parameter is required
                only when process-mode=0 or process-mode=2.

C3              A 16-byte control vector associated with
                KKL, where KKL is the leftmost 64 bits of
                the key-encrypting receiver key KK to be
                imported. For process-mode=0, C3 MUST be
                equal to the control vector stored in keyblk
                of input parameter ePUM(keyblk). See
                control vector checking for a specification
                of C3. This parameter is required only when
                process-mode=(0 or 2).

C4              A 16-byte control vector associated with
                KKL, where KKL is the leftmost 64 bits of
                the key-encrypting receiver key KK to be
                imported. Except for certain fields which
                CFAP is permitted to set, C4 must equal C3.
                Control vector checking ensures that C4 is a
                valid derivative of C3. This parameter is
                required only when process-mode=(0 or 2).

OUTPUTS         DESCRIPTION

E*KM.C5(KKL)    64 bit key KKL enciphered under 128 bit
                master key KM and 128 bit control vector C5.
                KKL is the left half of a 128 bit key-encrypting
                key. Except for certain fields which the
                IDK instruction is permitted to set, C5 must
                equal C4. C5 is derived from C4 via an
                internal control vector generation routine.
                This parameter is required only when process-
                mode=(0 or 2).

E*KM.C6(KKR)    64 bit key KKR enciphered under 128 bit
                master key KM and 128 bit control vector C6.
                KKR is the right half of a 128 bit key-encrypting
                key. C6 is derived from C5 via an
                internal control vector generation routine.
                This parameter is required only when process-
                mode=(0 or 2).

TICKET-OUT      An 8-byte value equal to an 8-byte value
                stored in the IDK-Ticket register in the CF.
                This parameter is required only when
                process-mode=1.

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The IDK instruction reenciphers a 128-bit key-encrypting key KK (= KKL.KKR) in encrypted form ePUM(keyblk)
to encrypted form e*KM.C5(KKL), e*KM.C6(KKR). ePUM(keyblk) denotes a key block containing KK
encrypted with a public key management key of this device. e*KM.C5(KKL) and e*KM.C6(KKR) are the
encrypted left and right 64-bit parts of KK, respectively. KM.C5 and KM.C6 are variant keys formed as the
Exclusive-OR product of master key KM and control vectors C5 and C6, respectively. C5 and C6 are control
vectors associated with KKL and KKR, respectively. C5 and C6 designate KK as a key-encrypting receiver
key with an "RTMK" attribute. The EXPORT CONTROL field in C5 and C6 must also specify 'no export.'

A process-mode parameter provides different processing options within the IDK instruction. When
process-mode = 0 is specified, keyblk is a key block produced from a Crypto Facility DEA Key Record
(CFDKR). The format of the CFDKR and the algorithm for producing keyblk from CFDKR are rigidly defined
by PKCD. Process-modes 1 and 2 permit a keyblk with unspecified format to be processed. This is
accomplished by invoking the IDK instruction with process-mode = 1 to decrypt ePUM(keyblk) and store the
recovered keyblk within the CF, then invoking a Translate-To-CFDKR instruction which translates the keyblk
to a CFDKR also stored within the CF, and finally invoking the IDK instruction with process-mode = 2 to
process and recover KK from the so-produced CFDKR and to produce e*KM.C5(KKL), e*KM.C6(KKR). The
aim of process-modes 1 and 2 is to remove the translation step from the IDK instruction, so that the IDK
instruction need not directly implement a host of different possible translation options for compatibility with
other non-PKCD devices. A significant advantage can be achieved if the Translate-To-CFDKR instruction is
implemented within a programmable memory within the CF.

The dsig1-length parameter indicates to the IDK instruction whether ePUM(keyblk) has an accompanying
system signature, dsig1 (dsig1-length > 0), or has no accompanying system signature (dsig1-length = 0).
If present, dsig1 is validated with a public key, PU, contained in the specified Internal Key Unit, IKU1.
ePUM(keyblk) may be imported with no accompanying system signature.

A field in the configuration vector, designated SIG-COMPATIBILITY(IDK), indicates whether dsig1 is
required (i.e., signified by SIG-COMPATIBILITY(IDK) = B'0') or whether dsig1 is optional (i.e., signified by
SIG-COMPATIBILITY(IDK) = B'1'). For example, when dsig1-length = 0 is specified, the IDK instruction
ensures that SIG-COMPATIBILITY(IDK) = B'1'. In other words, when a device is configured as a
compatibility device, the IDK instruction does not require specification of a system signature.

Control vectors C3, C4, and C5 are all associated with the KKL to be imported. C3 must be equal in
value to the control vector stored in CFDKR. The EXPORT CONTROL field in C3, C4, and C5 must specify
'no export.' C4 is an intermediate value used by the CFAP to request changes to C3, as follows. When a
KKL is imported, the CFAP is permitted, in certain cases, to change control vector fields. If no change is
desired or no change is permitted, then the CFAP sets C4 := C3, else the CFAP produces C4 by making
selected changes to C3. The control vector checking process assures that C4 is properly specified.
Likewise, when a KKL is imported the CF is permitted to change certain control vector fields. If no change is
needed or prescribed, then the CF sets C5 := C4; else the CF produces C5 by making selected changes to
C4. Control vector C6 associated with KKR is derived within the Import DEA Key instruction from C5.

The Import DEA Key instruction executes only in the "run" state.
FUNCTIONAL SPECIFICATION:

1. Verify process-mode = 0, 1, or 2. If verification fails, set CC status flag and jump to step 17.

2. Validate ticket-in, and extract fields from CF Environment, if process-mode = 2:
If process-mode = 2 then do:

a. Verify IDK Buffer Flag in CF Environment = 1. If verification fails then set CC status flag and jump
to step 17.

b. Verify ticket-in = value stored in IDK Ticket field in CF Environment. If verification fails then set
CC status flag and jump to step 17.

c. Set domain-id := bits 00..03 of IDK Save field in CF Environment.

d. Set key-management-protocol := bit 04 of IDK Save field in CF Environment.

e. Set key-management-mode := bit 05 of IDK Save field in CF Environment.

f. Set cfdkr1-length := value stored in IDK Record Length field in CF Environment.

g. Set cfdkr1 := leftmost cfdkr1-length bits of value stored in IDK Buffer field in CF Environment.

3. Perform input parameter consistency checking if process-mode = 0 or 1:
If process-mode = 0 or process-mode = 1 then do:

a. If dsig1-length > 0, then verify that IKU1 is consistent with the definition of an IKU.

b. Verify that IKU2 is consistent with the definition of an IKU.

Continue if checking succeeds; otherwise set CC status flag and jump to step 17.

4. Perform configuration vector and state vector checking:

a. Verify that DEFINE(IDK) in config. vector = B'1'.

b. If key-management-protocol = 1, then KMGT PROTOCOL in config. vector = B'11' or B'10'.

c. If key-management-protocol = 1 and key-management-mode = 0, then KREG in config. vector =
B'0'.

d. If key-management-protocol = 0, then KMGT PROTOCOL in config. vector = B'11' or B'01'.

e. Verify that CF STATE in state vector is in the "run" state.

f. Verify that KMP-FLAG(CKMP) in state vector is in the "full" state.

g. Verify that CKM FLAG in state vector is in the "full" state.

h. (optional) Verify LPID FLAG in state vector is in the "full" state.

i. Verify that ENABLE(IDK) in state vector = B'00'.

j. If process-mode = 0 or process-mode = 1, and if dsig1-length = 0, then verify SIG-
COMPATIBILITY(IDK) in config. vector = B'1'.

Continue if checking succeeds; otherwise set CC status flag and jump to step 17.

5. Perform control block and control vector checking.

Continue if checking succeeds; otherwise set CC status flag and jump to step 17.

6. Construct expected record-code to be referenced against record-code stored in cfssr1, if (process-
mode = 0 or process-mode = 1) and dsig1-length > 0:

a. Extract control vector C from IKU1.

b. Construct record-code from control vector C.

7. Recover and validate cfssr1, if (process-mode = 0 or process-mode = 1) and dsig1-length > 0:

a. Recover cryptographic facility system signature record cfssr1 from digital signature dsig1,
using the public key stored in IKU1.

b. Verify that cfssr1 is consistent with the definition of a cryptographic facility system signature record.

c. Extract hash rule hash-rule1 from cfssr1.

d. Verify that record-code stored in cfssr1 is the same as record-code constructed in step 6.

Continue if verifications succeed; otherwise set CC status flag and jump to step 17.

8. Calculate hash value MDC on ePUM(keyblk) using the hash algorithm specified by hash-rule1, if
(process-mode = 0 or process-mode = 1) and dsig1-length > 0.

9. Validate MDC against reference MDC in cfssr1, if (process-mode = 0 or process-mode = 1) and
dsig1-length > 0:

a. Extract the hash value stored in the hash field in cfssr1.

b. Verify that MDC is the same as the extracted hash value.

Continue if verification succeeds; otherwise set CC status flag and jump to step 17.

10. Recover cfdkr1 if process-mode = 0:

a. Set key-process := 1.

b. Recover the CFDKR cfdkr1 from the encrypted DEA key block ePUM(keyblk), using the private key
PRM stored in IKU2.

11. Recover key block, if process-mode = 1:

a. Set key-process := 0.

b. Recover the key block keyblk from the encrypted DEA key block ePUM(keyblk), using the private
key PRM stored in IKU2.

12. Produce output ticket-out and store parameter values in CF Environment if process-mode = 1:

a. Produce ticket-out:

1) Generate an 8-byte random number and assign it to ticket-out.

b. Save parameter values in CF Environment:

1) Set IDK Ticket field in CF Environment := ticket-out.

2) If key-process = 0, then set IDK Buffer Flag in CF Environment := 2.

3) Else (key-process = 1) set IDK Buffer Flag in CF Environment := 3.

4) Set IDK Save field in CF Environment := domain-id || key-management-protocol || key-
management-mode || B'00'.

5) Set IDK Buffer field in CF Environment := keyblk (left-justified in IDK Buffer field).

6) Set IDK Record Length field in CF Environment := keyblk-length.

7) Set IDK Buffer Length field in CF Environment := value of IDK-buffer-length in Configuration
Table.

13. Construct a record code record-code1 for cfdkr1 based on parameters key-management-protocol
and key-management-mode, if process-mode = 0 or process-mode = 2.

14. Validate cfdkr1 if process-mode = 0 or process-mode = 2:

a. Verify cfdkr1-length = 416. /* check length */

b. Verify that record ID in cfdkr1 is B'00000000'.

c. Extract the one-byte record code from cfdkr1 and assign it to Y.

d. Verify record-code1 = (B'11111000' AND Y) ("AND" is logical AND).

e. Verify that the value of the EID field in cfdkr1 is not the same as the contents of the EID register
in CF Environment (i.e., EID acts as an anti-reimport value).

f. Verify that the value of the EID field in cfdkr1 is the same as the sender-EID. /* receiver can't be
fooled about sender's identity */

g. Verify that the value of the hash control vector field (i.e., h(C)) in cfdkr1 is the same as C3.

h. Extract the 64-bit left half KKL of the 128-bit key KK from cfdkr1.

i. Verify that parity of KKL is odd.

j. Extract the 64-bit right half KKR of the 128-bit key KK from cfdkr1.

k. Verify that parity of KKR is odd.

l. Verify that reserved fields in cfdkr1 are all zero.

Continue if verifications succeed; otherwise set CC status flag and jump to step 17.

15. Produce outputs e*KM.C5(KKL) and e*KM.C6(KKR) if process-mode = 0 or process-mode = 2:

a. Set KM := contents of CKM Register in the CF Environment.

b. Set C5 := C4 and update the history bits in C5 if necessary.

c. Exclusive-OR KM with C5 and use the resulting key to encrypt KKL.

d. Set C6 := C5 and invert the values in bits 41 and 42 in C6 (i.e., adjust the KEY FORM field so that
C6 designates KKR).

e. Exclusive-OR KM with C6 and use the resulting key to encrypt KKR.

16. Perform state vector update: None.

17. Produce output CC from CC status flags.
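The mode-1 / Translate-To-CFDKR / mode-2 sequence of steps 2 and 12 above, reduced to the CF Environment fields it reads and writes, as an added example that is not part of EP 0 534 419 A2. It assumes that the public-key unwrap of ePUM(keyblk) with PRM has already happened (the recovered keyblk is passed in), that Translate-To-CFDKR sets the IDK Buffer Flag to 1 (the value mode 2 requires in step 2a), that the translation itself is supplied by the caller, and that mode 2 clears the buffer after use; the source states none of these, and the names CfEnvironment, idk_mode1, translate_to_cfdkr and idk_mode2 are the example's own. The security point it demonstrates is that the 8-byte random ticket binds the mode-2 call to the buffer that the mode-1 call parked, and that the comparison is constant-time.

```python
"""Added example (not from EP 0 534 419 A2): the IDK ticket hand-off between
process-mode=1, Translate-To-CFDKR and process-mode=2, modelled on the CF
Environment fields named in steps 2 and 12 of the functional specification."""
from __future__ import annotations

import hmac
import secrets
from dataclasses import dataclass

IDK_BUFFER_LENGTH = 128   # assumed IDK-buffer-length from the Configuration Table, in bytes


@dataclass
class CfEnvironment:
    idk_ticket: bytes = bytes(8)
    idk_buffer_flag: int = 0       # 0 idle; 2 keyblk parked (key-process=0); 1 CFDKR ready (assumed)
    idk_save: int = 0              # domain-id || kmp || kmm || B'00', packed in one byte
    idk_buffer: bytes = b""
    idk_record_length: int = 0     # bits
    idk_buffer_length: int = IDK_BUFFER_LENGTH


def pack_idk_save(domain_id: int, kmp: int, kmm: int) -> int:
    """Bits 00..03 domain-id, bit 04 key-management-protocol, bit 05 key-management-mode, bits 06..07 B'00'."""
    if not (0 <= domain_id < 16 and kmp in (0, 1) and kmm in (0, 1)):
        raise ValueError("IDK Save field value out of range")
    return (domain_id << 4) | (kmp << 3) | (kmm << 2)


def unpack_idk_save(save: int) -> tuple[int, int, int]:
    """Step 2c-2e: recover domain-id, key-management-protocol, key-management-mode."""
    return save >> 4, (save >> 3) & 1, (save >> 2) & 1


def idk_mode1(env: CfEnvironment, keyblk: bytes, keyblk_length_bits: int,
              domain_id: int, kmp: int, kmm: int) -> bytes:
    """Step 12: park the recovered keyblk in the CF and return a fresh 8-byte ticket."""
    if keyblk_length_bits != len(keyblk) * 8 or len(keyblk) > env.idk_buffer_length:
        raise ValueError("keyblk does not fit the IDK Buffer")
    ticket_out = secrets.token_bytes(8)              # step 12a: unguessable by any other caller
    env.idk_ticket = ticket_out
    env.idk_buffer_flag = 2                          # key-process = 0 in mode 1
    env.idk_save = pack_idk_save(domain_id, kmp, kmm)
    env.idk_buffer = keyblk.ljust(env.idk_buffer_length, b"\x00")   # left-justified
    env.idk_record_length = keyblk_length_bits
    return ticket_out


def translate_to_cfdkr(env: CfEnvironment, ticket: bytes, translate) -> None:
    """Stand-in for Translate-To-CFDKR: rewrite the parked keyblk as a CFDKR in place."""
    if env.idk_buffer_flag != 2 or not hmac.compare_digest(ticket, env.idk_ticket):
        raise PermissionError("no keyblk is parked under this ticket")
    keyblk = env.idk_buffer[: env.idk_record_length // 8]
    cfdkr = translate(keyblk)
    env.idk_buffer = cfdkr.ljust(env.idk_buffer_length, b"\x00")
    env.idk_record_length = len(cfdkr) * 8
    env.idk_buffer_flag = 1                          # assumed: the value step 2a checks for


def idk_mode2(env: CfEnvironment, ticket_in: bytes) -> tuple[bytes, int, int, int]:
    """Step 2: validate ticket-in and recover cfdkr1 plus the saved parameters.
    The buffer is cleared afterwards (an assumption) so a ticket is single-use."""
    if env.idk_buffer_flag != 1:
        raise PermissionError("IDK Buffer does not hold a CFDKR")
    if not hmac.compare_digest(ticket_in, env.idk_ticket):   # constant-time comparison
        raise PermissionError("ticket-in does not match the IDK Ticket field")
    domain_id, kmp, kmm = unpack_idk_save(env.idk_save)
    cfdkr1 = env.idk_buffer[: env.idk_record_length // 8]
    env.idk_buffer_flag, env.idk_ticket, env.idk_buffer = 0, bytes(8), b""
    return cfdkr1, domain_id, kmp, kmm


def demo() -> tuple[bytes, int, int, int]:
    """Constructed run: a 24-byte foreign key block becomes a 416-bit CFDKR."""
    env = CfEnvironment()
    keyblk = b"\x01" * 24                                        # constructed, not a real key block
    ticket = idk_mode1(env, keyblk, len(keyblk) * 8, domain_id=3, kmp=1, kmm=0)
    translate_to_cfdkr(env, ticket, lambda kb: bytes(2) + kb + bytes(26))   # toy translation
    return idk_mode2(env, ticket)


if __name__ == "__main__":
    cfdkr1, domain_id, kmp, kmm = demo()
    print(len(cfdkr1) * 8, "bits; domain-id", domain_id, "protocol", kmp, "mode", kmm)
```

A caller that skips the translate step, presents a stale ticket, or replays a ticket after the mode-2 call gets a PermissionError rather than someone else's key block.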

CONTROL BLOCK AND CONTROL VECTOR CHECKING:

Perform control block and control vector checking:

A. Perform the checking in steps 1 and 2, if process-mode = 0 or process-mode = 2:

1. Checking on C3 (associated with KKL):

a. Verify CV TYPE in C3 = 'Key-Encrypting Receiver Key'.

b. Verify RTMK usage in C3 = B'1' (i.e., enabled).

c. Verify XLTKEY-in in C3 = B'0' (i.e., disabled).

d. Verify GKS in C3 = B'000' (i.e., disabled).

e. Verify EXPORT CONTROL in C3 = B'0' (i.e., export via RFMK not permitted).

f. Verify KEY FORM = B'010' or B'110' (i.e., KKL).

g. Verify EXTENSION in C3 = B'00' or B'01'.

h. If EXTENSION in C3 = B'00', then do:

1) Verify C3R = C3L (i.e., CV EXTENSION = CV BASE).

2) Verify domain-id (in instruction) = 0.

i. If EXTENSION in C3 = B'01', then do:

1) Verify DOMAIN ID in C3 = domain-id (in instruction).

2) Verify HIST-GKSP/IDK field in C3 = B'1'.

2. Checking on C3 and C4:

a. Verify C4 = C3.

NOTE: Currently there is nothing in C3 that can be changed by CFAP in the IDK instruction.

Continue if checking succeeds; otherwise set CC status flag and jump to step 17.

B. Perform the checking in steps 3 thru 9, if process-mode = 0 or process-mode = 1:

3. Extract SCB1 and C1 from IKU1, if dsig1-length > 0:

a. Extract system control block SCB1 from IKU1.

b. Extract control vector C1 from SCB1.

4. Extract SCB2 and C2 from IKU2:

a. Extract system control block SCB2 from IKU2.

b. Extract control vector C2 from SCB2.

5. Checking on C1 (associated with PUM), if dsig1-length > 0:

a. Verify CV TYPE in C1 = 'public key management key'.

b. Verify IDK in C1 = B'1' (i.e., enabled).

c. Verify HIST-IPUK = B'1' (i.e., imported).

d. Verify DOMAIN ID in C1 = domain-id (in instruction).

e. If key-management-protocol (in instruction) = B'1' (i.e., 'certification center protocol'), then do:

1) If key-management-mode (in instruction) = 0, then KREGMODE in C1 = B'01'.

2) If key-management-mode (in instruction) = 1, then KREGMODE in C1 = B'10'.

3) Verify HIST-CHAIN in C1 = 2.

f. Perform Control Vector Validate on C1 to validate certain fields in C1.

6. Checking on C2 (associated with PRM):

a. Verify CV TYPE in C2 = 'private key management key'.

b. Verify IDK usage in C2 = B'1' (i.e., enabled).

c. Verify DOMAIN ID in C2 = domain-id (in instruction).

d. Perform Control Vector Validate on C2 to validate certain fields in C2.

7. Checking on C1 and C2 (associated with PUM and PRM), if dsig1-length > 0:

a. Verify HIST-MDC in C1 > THRES-MDC in C2. (This check is valid for private protocols and
certification center protocols.)

8. Checking on SCB1, if dsig1-length > 0:

a. Verify that the current date and time are in the time interval (Tstart, Texp) specified in SCB1 (i.e.,
Tstart ≤ DT < Texp).

b. Verify that the Environment ID stored in the EID register is not the same as the Environment ID
stored in SCB1.

9. Checking on SCB2:

a. Verify that the current date and time are in the time interval (Tstart, Texp) specified in SCB2 (i.e.,
Tstart ≤ DT < Texp).

b. Verify that the Environment ID stored in the EID register is the same as the Environment ID
stored in SCB2.

Continue if checking succeeds; otherwise set CC status flag and jump to step 17.
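Steps 14 and 15 of the functional specification (CFDKR validation and the two variant keys) together with the C4-is-a-derivative-of-C3 rule from checking step 2 above, as an added example that is not code from EP 0 534 419 A2. The 52-byte field order record-id | record-code | EID | h(C) | KK | reserved is an assumption (the source fixes only the 416-bit total); bit 0 is taken to be the leftmost bit of a 16-byte control vector; the DES encryption of each half under its variant key is left out, so the result pairs each half with the variant key it would be enciphered under; the sample KM, EIDs, C3 and KK are constructed. Function names are the example's own.

```python
"""Added example (not from EP 0 534 419 A2): IDK steps 14-15 plus the C3/C4
derivative rule, run on a constructed CFDKR with an assumed field layout."""
from __future__ import annotations

CFDKR_LEN = 52                  # 416 bits (step 14a)
RECORD_CODE_MASK = 0b11111000   # step 14d: low 3 bits of the record code are not compared
KEY_FORM_BITS = (41, 42)        # step 15d; bit 0 is the leftmost bit of the 16-byte vector
NO_CHANGE_MASK = bytes(16)      # the NOTE above: CFAP may change no field of C3 in IDK


def _flip_bit(cv: bytes, bit: int) -> bytes:
    b = bytearray(cv)
    b[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(b)


def derive_c6(c5: bytes) -> bytes:
    """C6 := C5 with KEY FORM bits 41 and 42 inverted, so C6 designates the right half KKR."""
    c6 = c5
    for bit in KEY_FORM_BITS:
        c6 = _flip_bit(c6, bit)
    return c6


def variant_key(km: bytes, cv: bytes) -> bytes:
    """KM.C = KM XOR C: the variant master key a key half is enciphered under."""
    if len(km) != 16 or len(cv) != 16:
        raise ValueError("KM and control vectors are 128 bits")
    return bytes(a ^ b for a, b in zip(km, cv))


def is_permitted_derivative(base: bytes, derived: bytes, permitted: bytes) -> bool:
    """True iff every bit that differs between base and derived lies in a permitted field."""
    return all((((a ^ b) & ~m) & 0xFF) == 0 for a, b, m in zip(base, derived, permitted))


def has_odd_parity(half: bytes) -> bool:
    """Every byte of a DEA key half must have odd parity (steps 14i, 14k)."""
    return len(half) == 8 and all(bin(x).count("1") % 2 == 1 for x in half)


def validate_cfdkr(raw: bytes, *, own_eid: bytes, sender_eid: bytes,
                   c3: bytes, record_code1: int) -> tuple[bytes, bytes]:
    """Steps 14a-14l on the assumed layout
    record-id(1) | record-code(1) | EID(16) | h(C)(16) | KK(16) | reserved(2).
    Returns (KKL, KKR) or raises ValueError naming the failed check."""
    if len(raw) != CFDKR_LEN:
        raise ValueError("cfdkr1-length must be 416 bits")
    record_id, y = raw[0], raw[1]
    eid, h_c, kk, reserved = raw[2:18], raw[18:34], raw[34:50], raw[50:]
    if record_id != 0:
        raise ValueError("record ID must be B'00000000'")
    if record_code1 != (y & RECORD_CODE_MASK):
        raise ValueError("record code does not fit key-management protocol/mode")
    if eid == own_eid:
        raise ValueError("EID is this device: re-import of an exported key refused")
    if eid != sender_eid:
        raise ValueError("EID does not match sender-EID")
    if h_c != c3:
        raise ValueError("control vector in the record differs from C3")
    kkl, kkr = kk[:8], kk[8:]
    if not (has_odd_parity(kkl) and has_odd_parity(kkr)):
        raise ValueError("a key half has even parity in some byte")
    if any(reserved):
        raise ValueError("reserved bytes must be zero")
    return kkl, kkr


def import_dea_key(raw: bytes, *, km: bytes, own_eid: bytes, sender_eid: bytes,
                   c3: bytes, c4: bytes, record_code1: int):
    """Checking step 2 (C4 vs C3), then steps 14 and 15. Returns ((KM.C5, KKL), (KM.C6, KKR), C5, C6)."""
    if not is_permitted_derivative(c3, c4, NO_CHANGE_MASK):
        raise ValueError("C4 is not a permitted derivative of C3")
    kkl, kkr = validate_cfdkr(raw, own_eid=own_eid, sender_eid=sender_eid,
                              c3=c3, record_code1=record_code1)
    c5 = c4                     # step 15b (history bits not modelled)
    c6 = derive_c6(c5)          # step 15d
    return (variant_key(km, c5), kkl), (variant_key(km, c6), kkr), c5, c6


# Constructed sample (not from the source): C3 has bit 41 set; both KK halves carry odd parity.
SAMPLE_KM = bytes(range(16))
SAMPLE_C3 = bytes(5) + b"\x40" + bytes(10)
SAMPLE_OWN_EID = b"A" * 16
SAMPLE_SENDER_EID = b"B" * 16
SAMPLE_KK = bytes.fromhex("0123456789abcdef" "fedcba9876543210")
SAMPLE_RECORD = bytes([0x00, 0x13]) + SAMPLE_SENDER_EID + SAMPLE_C3 + SAMPLE_KK + bytes(2)


def demo():
    return import_dea_key(SAMPLE_RECORD, km=SAMPLE_KM, own_eid=SAMPLE_OWN_EID,
                          sender_eid=SAMPLE_SENDER_EID, c3=SAMPLE_C3, c4=SAMPLE_C3,
                          record_code1=0x10)


if __name__ == "__main__":
    (vk5, kkl), (vk6, kkr), c5, c6 = demo()
    print("C5", c5.hex(), "C6", c6.hex(), "KM.C5", vk5.hex(), "KM.C6", vk6.hex())
```

Presenting the same record with own_eid equal to the record's EID, a different sender-EID, a mismatching record code, a non-zero reserved field, or a C4 that changes any bit of C3 raises a ValueError, which is where the instruction would set the CC status flag instead.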
Verify Internal Key Unit (VIKU)

EQUATION:

KMP-mode        /2b/
IKU1-length     /16b/
IKU1            /unspecified/
  -->
CC              /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

KMP-MODE        Specifies the PKA master key as follows:
                o 0 : CKMP
                o 1 : NKMP
                o 2 : OKMP

IKU1-LENGTH     The length of IKU1 in bytes.

IKU1            An Internal Key Unit.

OUTPUTS         DESCRIPTION

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The Verify Internal Key Unit instruction extracts the encrypted CFPKR and encrypted CFKAR from an
Internal Key Unit, decrypts them, and validates the CFPKR using the CFKAR. A KMP-mode parameter
permits the validation to be performed using the current, new, or old PKA master key.

The Verify Internal Key Unit instruction executes only in the "run" state.

SYSTEM DIGITAL SIGNATURES

Generate Digital Signature (GDS)

EQUATION:

PR-mode         /1b/
<IKU1-length>   /16b/          ; if PR-mode=0
<IKU1>          /unspecified/  ; if PR-mode=0
data-length     /16b/
data            /unspecified/
hash-rule       /3b/
inst-code       /4b/
  -->
dsig-length     /16b/
dsig            /unspecified/
CC              /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

PR-MODE         The PR-mode parameter specifies the source
                of the private key used to generate the
                digital signature, as follows:
                o PR-mode=0 : use PR in IKU1
                o PR-mode=1 : use PRA in CF

IKU1-LENGTH     The length of IKU1 in bytes. This parameter
                is required only when PR-mode=0.

IKU1            An Internal Key Unit containing a private
                key PR. PR must be a private certification
                key, a private key management key, or a
                private user key. The value of EID in SCB1
                must equal the value in the EID register.
                The values of Tstart and Texp in SCB1 must
                satisfy the relationship Tstart ≤ DT < Texp,
                where DT is the current date and time
                expressed in Coordinated Universal Time. This
                parameter is required only when PR-mode=0.

DATA-LENGTH     The length of data in bits.

DATA            The data upon which a digital signature is
                to be calculated.

HASH-RULE       Specifies the hash algorithm to be used to
                hash the input data and the rule, if any,
                for formatting and producing the CF System
                Signature Record (CFSSR). The encoding of
                the hash-rule is as follows:
                o hash-rule = 0 : MDC-2 algorithm (with
                  128 bit hash right justified in the Hash
                  field).
                o hash-rule = 1 : MDC-4 algorithm (with
                  128 bit hash right justified in the Hash
                  field).
                o hash-rule = 2 : MD4 algorithm (with 128
                  bit hash right justified in the Hash
                  field).
                o hash-rule = 3 : quadratic residue (with
                  128 bit hash right justified in the Hash
                  field).
                o hash-rule = 4-15 : reserved

INST-CODE       Specifies the PKCD instruction to be emulated
                (inst-codes 0 thru 3) or the GDS instruction
                (inst-code 4), as follows:
                o inst-code=0 : ECFAR instruction
                o inst-code=1 : EPUK instruction
                o inst-code=2 : GKSP instruction
                o inst-code=3 : ECFER instruction
                o inst-code=4 : GDS instruction

                NOTE: For inst-code=0, data is a CFAR; for
                inst-code=1, data is an EKU; for inst-code=2,
                data is ePUM(keyblk); for inst-code=3, data
                is ePUA(CFBDKB).

OUTPUTS         DESCRIPTION

DSIG-LENGTH     The length of dsig in bits.

DSIG            A digital signature produced from a CF
                System Signature Record (CFSSR) according to
                the signature generation processing rules
                outlined in Section 6 of ISO DIS 9796.

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The Generate Digital Signature instruction generates a digital signature, called dsig, from a Crypto
Facility System Signature Record (CFSSR) in accordance with Section 6 of ISO DIS 9796. The CFSSR is a
253-bit CF-generated record containing a 128-bit hash value calculated on a variable length input data
record, called data. The length of CFSSR must be less than or equal to 1/2 the modulus length of the public
key algorithm. The process of producing dsig from CFSSR consists of pre-processing steps, decryption
with a private key, and post-processing steps.

A PR-mode parameter specifies to the GDS instruction whether the PR key used to produce the system
signature is specified in IKU1 (PR-mode = 0) or whether the PR key used to produce the system signature is
the PRA key stored in the CF (PR-mode = 1).

A private certification key can be specified to the GDS instruction only when the device is configured as
a certification center (CERTIFICATION field in the configuration vector is B'1'). A private authentication key,
a private key management key, or a private user key can be specified to the GDS instruction only when the
device is configured as an interchange device (INTERCHANGE field in the configuration vector is B'1'). A
device may act as both a certification center and an interchange device.

The GDS instruction executes only in the "run" state.

Verify Digital Signature (VDS)

EQUATION:

PU-mode         /1b/
<IKU1-length>   /16b/          ; if PU-mode=0
<IKU1>          /unspecified/  ; if PU-mode=0
data-length     /16b/
data            /unspecified/
dsig-length     /16b/
dsig            /unspecified/
  -->
hash-rule       /4b/
inst-code       /4b/
CC              /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

PU-MODE         The PU-mode parameter specifies the source
                of the public key used to validate the
                digital signature, as follows:
                o PU-mode=0 : use PU in IKU1
                o PU-mode=1 : use PUA in CF

IKU1-LENGTH     The length of IKU1 in bytes. This parameter
                is required only when PU-mode=0.

IKU1            An Internal Key Unit containing a public key
                PU. The values of Tstart and Texp in SCB1
                must satisfy the relationship Tstart ≤ DT <
                Texp, where DT is the current date and time
                expressed in Coordinated Universal Time. This
                parameter is required only when PU-mode=0.

DATA-LENGTH     The length of data in bits.

DATA            The data upon which the digital signature
                was calculated.

DSIG-LENGTH     The length of dsig in bits.

DSIG            A digital signature originally produced from
                a CF System Signature Record (CFSSR) according
                to the signature generation processing rules
                outlined in Section 6 of ISO DIS 9796.

OUTPUTS         DESCRIPTION

HASH-RULE       The encoded hash-rule field in the CF System
                Signature Record (CFSSR), as follows:
                o hash-rule = 0 : MDC-2 algorithm (with 128
                  bit hash right justified in the Hash field).
                o hash-rule = 1 : MDC-4 algorithm (with 128
                  bit hash right justified in the Hash field).
                o hash-rule = 2 : MD4 algorithm (with 128
                  bit hash right justified in the Hash field).
                o hash-rule = 3 : quadratic residue (with 128
                  bit hash right justified in the Hash field).
                o hash-rule = 4-15 : reserved

INST-CODE       The leftmost 4 bits of the Record Code field
                in the CF System Signature Record (CFSSR)
                (i.e., the PKCD instruction that created the
                digital signature or the PKCD instruction
                emulated by a GDS instruction), as follows:
                o inst-code=0 : ECFAR instruction
                o inst-code=1 : EPUK instruction
                o inst-code=2 : GKSP instruction
                o inst-code=3 : ECFER instruction
                o inst-code=4 : GDS instruction

                NOTE: For inst-code=0, data is a CFAR; for
                inst-code=1, data is an EKU; for inst-code=2,
                data is ePUM(keyblk); for inst-code=3, data
                is ePUA(CFBDKB).

CC              Condition code indicating success or failure
                of the instruction execution.

EP 0 534 419 A2

DESCRIPTION:

The Verify Digital Signature instruction verifies a system signature, called dsig, in accordance with
Section 7 of ISO DIS 9796, where dsig was created from a Crypto Facility System Signature Record
(CFSSR) in accordance with Section 6 of ISO DIS 9796. The CFSSR is a 253-bit CF-generated record
containing a 128-bit hash value calculated on a variable length input data record, called data. CFSSR is
recovered from dsig by encrypting dsig with a public key, performing consistency checking on the
recovered block, discarding the redundant data, and extracting CFSSR.

There are no restrictions on the key type of the public key that may be used with the VDS instruction.

The VDS instruction executes only in the "run" state.

APPLICATION DIGITAL SIGNATURES

Generate Application Digital Signature (GADS)

EQUATION:

IKU1-length     /16b/
IKU1            /unspecified/
hash-val-length /16b/
hash-val        /unspecified/
  -->
dsig-length     /16b/
dsig            /unspecified/
CC              /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

IKU1-LENGTH     The length of IKU1 in bytes.

IKU1            An Internal Key Unit containing a private
                key PR. PR must be a private certification
                key, a private key management key, or a
                private user key. The value of EID in SCB1
                must equal the value in the EID register.
                The values of Tstart and Texp in SCB1 must
                satisfy the relationship Tstart ≤ DT < Texp,
                where DT is the current date and time
                expressed in Coordinated Universal Time.

HASH-VAL-LENGTH The length of hash-val in bytes. It must be
                ≤ one half of the modulus length indicated in
                the control vector associated with the
                private key PR in IKU1.

HASH-VAL        The hash value on which the signature is
                produced. hash-val is computed from the data
                by either the application or CFAP, using any
                hash algorithm.

OUTPUTS         DESCRIPTION

DSIG-LENGTH     The length of dsig in bits.

DSIG            A digital signature produced from hash-val
                and private key PR in accordance with
                section 6 of ISO DIS 9796.

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The Generate Application Digital Signature instruction generates a digital signature, called dsig, from an
input hash value (called hash-val) in accordance with Section 6 of ISO DIS 9796. hash-val must be a whole
number of bytes and the length of hash-val must be less than or equal to 1/2 the modulus length of the
public key algorithm. The process of producing dsig from hash-val consists of preprocessing steps,
decryption with a private key, and post-processing steps.

A signature produced by the GADS instruction is called an application signature; a signature produced
by the ECFAR, EPUK, GKSP, ECFER, or GDS instruction is called a system signature. To prevent the
GADS instruction from producing a system signature, the system signature is produced from a 253-bit CF
System Signature Record, whereas the application signature is produced from a hash value consisting of a
whole number of bytes. Note that 253 bits is not a whole number of bytes, so no input an application can
present to GADS is ever signed as a CFSSR.

A private certification key can be specified to the GADS instruction only if the device is configured as a
certification center (CERTIFICATION field in the configuration vector is B'1').

The GADS instruction executes only in the "run" state.

Verify Application Digital Signature (VADS)

EQUATION:

IKU1-length     /16b/
IKU1            /unspecified/
hash-val-length /16b/
hash-val        /unspecified/
dsig-length     /16b/
dsig            /unspecified/
  -->
CC              /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

IKU1-LENGTH     The length of IKU1 in bytes.

IKU1            An Internal Key Unit containing a public key
                PU. The values of Tstart and Texp in SCB1
                must satisfy the relationship Tstart ≤ DT <
                Texp, where DT is the current date and time
                expressed in Coordinated Universal Time.

HASH-VAL-LENGTH The length of hash-val in bytes. It must be
                ≤ one half of the modulus length indicated in
                the control vector associated with the
                public key PU in IKU1.

HASH-VAL        The hash value on which the signature was
                produced. hash-val is computed from the data
                by either the application or CFAP, using any
                hash algorithm.

DSIG-LENGTH     The length of dsig in bits.

DSIG            A digital signature produced from hash-val
                and private key PR in accordance with
                section 6 of ISO DIS 9796, and which is
                validated in the VADS instruction using the
                public key PU (specified in IKU1) in accordance
                with section 7 of ISO DIS 9796.

OUTPUTS         DESCRIPTION

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The Verify Application Digital Signature instruction validates a digital signature, called dsig, using an
input hash value (called hash-val) and a public key PU in accordance with Section 7 of ISO DIS 9796. hash-val
must be a whole number of bytes and the length of hash-val must be less than or equal to 1/2 the
modulus length of the public key algorithm. The process of validating dsig consists of encryption with a
public key, consistency checking to validate the redundancy bytes, and recovery of the hash-value-of-
reference originally used to generate dsig. The hash value supplied to the VADS instruction (i.e., hash-val)
is compared for equality with hash-value-of-reference.

A signature validated by the VADS instruction is called an application signature; a signature validated by
the VDS instruction is called a system signature. See the GADS instruction for an explanation of system and
application signatures.

The VADS instruction operates with any public key supplied in IKU1.

The VADS instruction executes only in the "run" state.

CF BACKUP 



Export Crypto Facility Environment Record (ECFER) 



w 



15 



20 



25 



30 



EQUATION: 



protocol -mode 
KM -mode 
KMP-mode 
hash-rule 
IKUl-length 

IKUl 
— > 

xcf er-length 
xcf er 

cfbdkbl-length 

ePUAb(cfbdkbl) 

dsigl-lengt:h 

dsigl 

CC 



/2b minimum/ 
/lb minimum/ 
/lb minimum/ 
/3b minimum/ 
/16b/ 

/unspecified/ 
/32b/ 

/unspecified/ 
/16b/ 

/unspecified/ 
/16b/ 

/unspecified/ 
/unspecified/ 



PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

PROTOCOL-MODE   The protocol-mode parameter specifies the
                protocol used for export and import of the
                CF environment, as follows:

                o 0 : reserved
                o 1 : CBKUP1 (certification center protocol
                      where the PUA control vector has
                      HIST-CHAIN=2)
                o 2 : CBKUP2 (certification center protocol
                      where the PUA control vector has
                      HIST-CHAIN=3)
                o 3 : PBKUP (private protocol, i.e., no
                      restriction on how PUA is imported)

                Note that the control vector for PUAb (i.e.,
                C1) contains a similar BKUP PROTOCOL field
                that must match the protocol-mode parameter.

KM-MODE         The KM-mode parameter indicates whether the
                master key KM is required to be entered into
                the new KM register at the receiving device
                via the LFMKP and CMKP instructions:

                o KM-mode=0 : no
                o KM-mode=1 : yes (load via LFMKP and CMKP)

                NOTE: KM-mode=1 should be selected only if
                the value of KM is known outside the crypto
                facility, i.e., KM was originally loaded
                into the CF of the sending device via the
                LFMKP and CMKP instructions.

KMP-MODE        The KMP-mode parameter indicates whether the
                PKA master key KMP is required to be entered
                into the new KMP register at the receiving
                device via the LFPMKP and CPMKP instructions:

                o KMP-mode=0 : no
                o KMP-mode=1 : yes (load via LFPMKP and CPMKP)

                NOTE: KMP-mode=1 should be selected only if
                the value of KMP is known outside the crypto
                facility, i.e., KMP was originally loaded
                into the CF of the sending device via the
                LFPMKP and CPMKP instructions.

HASH-RULE       Specifies the hash algorithm to be used to
                calculate a hash value on ePUAb(cfbdkb1) and
                on the cfer. The encoding of the hash-rule
                is as follows:

                o hash-rule = 0 : MDC-2 algorithm
                o hash-rule = 1 : MDC-4 algorithm
                o hash-rule = 2 : MD4 algorithm
                o hash-rule = 3 : quadratic residue
                o hash-rule = 4-7 : reserved

IKU1-LENGTH     The length of IKU1 in bytes.

IKU1            An Internal Key Unit containing PUAb of
                device "b". Note that "a" is this device
                and "b" is the other device. The value of
                EID in SCB1 must not equal the value in the
                EID register. The values of Tstart and Texp
                in SCB1 must satisfy the relationship Tstart
                < DT < Texp, where DT is the current date and
                time expressed in Coordinated Universal Time.

OUTPUTS         DESCRIPTION

XCFER-LENGTH    The length of xcfer in bytes.

XCFER           An External Crypto Facility Environment
                Record.

CFBDKB1-LENGTH  The length of cfbdkb1 and ePUAb(cfbdkb1) in
                bits.

EPUAB(CFBDKB1)  cfbdkb1 encrypted with public key PUAb of
                device "b". The Encrypted Secret Part (ESP)
                in xcfer is encrypted with a key stored in
                cfbdkb1. cfbdkb1 also contains a 128-bit
                hash value (MDC) calculated on cfer.

DSIG1-LENGTH    The length of dsig1 in bits.

DSIG1           A digital signature produced from a CF
                System Signature Record (CFSSR) and a
                private authentication key PRAa of device
                "a", in accordance with section 6 of ISO DIS
                9796. The CFSSR contains a 128-bit hash
                value calculated on ePUAb(cfbdkb1).

CC              Condition code indicating success or failure
                of the instruction execution.






EP 0 534 419 A2 



DESCRIPTION:

The Export Crypto Facility Environment Record instruction constructs an External Crypto Facility
Environment Record, xcfer, an encrypted Crypto Facility Backup Key Block, ePUAb(cfbdkb1), and a digital
signature, dsig1. dsig1 is calculated from a Crypto Facility System Signature Record (cfssr1) and a private
authentication key PRAa. Subscripts "a" and "b" designate this device and another device, respectively.
cfssr1 contains a hash value (e.g., an MDC) calculated on ePUAb(cfbdkb1), i.e., the digital signature
authenticates ePUAb(cfbdkb1). cfbdkb1 contains a similar hash value (e.g., an MDC) calculated on cfer,
which permits xcfer to be authenticated. Both hash values (i.e., the hash value in cfssr1 and the hash value
in cfbdkb1) are calculated using the same hash algorithm, as specified in the hash-rule parameter of the
ECFER instruction. cfbdkb1 also contains a 128 bit key KK2 used to encrypt the Secret Part (SP) of xcfer,
where KK2 = KK1 xor X xor Y. xcfer also contains a Nonsecret Part (NSP). The values X and Y are
determined as follows: (1) X := KMP if KMP-mode = 1 and X := 0 if KMP-mode = 0, and (2) Y := KM if
KM-mode = 1 and Y := 0 if KM-mode = 0. Together SP and NSP constitute everything in the CF
Environment except the PUA and PRA key, their length fields, and control vectors, and the contents of the
DID register. These elements do not port in the xcfer.

Any one of three protocol modes may be used to export and import a CF-environment record: (a)
PBKUP, (b) CBKUP1, and (c) CBKUP2. The PBKUP (i.e., private protocol) mode is the least restrictive. This
mode permits an installation to effect device backup using privately exchanged PUA keys. The CBKUP1
and CBKUP2 modes make use of a certification center to indirectly validate the PUA key, and thus are
more restrictive. In the CBKUP2 mode, the control vector of the PUA key must have a HIST-CHAIN value
equal to 3, i.e., the PUA key is imported using a PUM key whose control vector has a HIST-CHAIN value
equal to 2 and the PUM key is imported using a PUC key whose control vector has a HIST-CHAIN value
equal to 1. In the CBKUP1 mode, the control vector of the PUA key must have a HIST-CHAIN value equal to
2, i.e., the PUA key is imported using a PUC key whose control vector has a HIST-CHAIN value equal to 1.

Several mechanisms are provided to authorize and control the execution of the ECFER instruction.
These control mechanisms are effected via the configuration vector, the control vectors, and the instruction
parameters. The ECFER and ICFER instructions are designed to operate only if both the exporting and
importing devices "agree" to use the same protocol and protocol options. In effect, this means that both
devices must be configured the same (i.e., both configuration vectors must be the same with respect to
device backup), both devices must use the same key management protocol, and the same parameter
options must be specified to the ECFER and ICFER instructions. The following additional conditions are
enforced: (1) the method of loading or generating KMP at the exporting and importing devices must be the
same, and (2) when protocol-mode = 1 or 2 the PUC keys (or PUM and PUC keys) used at the exporting
and importing devices to import the PUA keys must be the same. A HIST-DOMAIN ID field in the state
vector of a cloned CF environment records the domain identifier of the PUC keys (or PUC and PUM keys)
used to import the PUA keys when protocol modes 1 or 2 are used. By using the ECFAR instruction, a
cloned device can be audited to ensure that backup and recovery was effected with the proper PUC key.
Agreement between the exporting and importing devices is effected through the use of the record code field
in the Crypto Facility Backup DEA Key Record and through direct comparisons of the information stored in
the CFER produced at the exporting device and the CF Environment of the importing device.

The ECFER and ICFER instructions provide an option requiring the master key KM and/or the PKA
master key KMP to be reentered at the importing (or receiving) device. In that case, the cryptovariable
encrypting key KK1 under which the Secret Part of xcfer is encrypted can be recovered at the receiving
device only if the required values of KM and/or KMP have been properly entered. This option permits a CF
Environment to be ported without exposing KM or KMP to any greater extent than would otherwise be
required for ordinary manual key entry at a sending or receiving device.
The ECFER instruction executes only in the "run" state.

Import Crypto Facility Environment Record (ICFER)

EQUATION:

protocol-mode    /2b minimum/
KM-mode          /1b minimum/
KMP-mode         /1b minimum/
IKU1-length      /16b/
IKU1             /unspecified/
xcfer-length     /32b/
xcfer            /unspecified/
cfbdkb1-length   /16b/
ePUAb(cfbdkb1)   /unspecified/
dsig1-length     /16b/
dsig1            /unspecified/
-->
CC               /unspecified/

PARAMETER DEFINITIONS:



INPUTS          DESCRIPTION

PROTOCOL-MODE   The protocol-mode parameter specifies the
                protocol used for export and import of the
                CF environment, as follows:

                o 0 : reserved
                o 1 : CBKUP1 (certification center protocol
                      where the PUA control vector has
                      HIST-CHAIN=2)
                o 2 : CBKUP2 (certification center protocol
                      where the PUA control vector has
                      HIST-CHAIN=3)
                o 3 : PBKUP (private protocol, i.e., no
                      restriction on how PUA is imported)

                Note that the control vector for PUAa (i.e.,
                C1) contains a similar BKUP PROTOCOL field
                that must match the protocol-mode parameter.

KM-MODE         The KM-mode parameter indicates whether the
                master key KM is required to be entered into
                the new KM register at the receiving device
                via the LFMKP and CMKP instructions:

                o KM-mode=0 : no
                o KM-mode=1 : yes (load via LFMKP and CMKP)

                NOTE: KM-mode=1 should be selected only if
                the value of KM is known outside the crypto
                facility, i.e., KM was originally loaded
                into the CF of the sending device via the
                LFMKP and CMKP instructions.

KMP-MODE        The KMP-mode parameter indicates whether the
                PKA master key KMP is required to be entered
                into the new KMP register at the receiving
                device via the LFPMKP and CPMKP instructions:

                o KMP-mode=0 : no
                o KMP-mode=1 : yes (load via LFPMKP and CPMKP)

                NOTE: KMP-mode=1 should be selected only if
                the value of KMP is known outside the crypto
                facility, i.e., KMP was originally loaded
                into the CF of the sending device via the
                LFPMKP and CPMKP instructions.

IKU1-LENGTH     The length of IKU1 in bytes.

IKU1            An Internal Key Unit containing PUAa of
                device "a". Note that "a" is the other device
                and "b" is this device. The value of EID in
                SCB1 must not equal the value in the EID
                register. The values of Tstart and Texp in
                SCB1 must satisfy the relationship Tstart <
                DT < Texp, where DT is the current date and
                time expressed in Coordinated Universal Time.

XCFER-LENGTH    The length of xcfer in bytes.

XCFER           An External Crypto Facility Environment
                Record.

CFBDKB1-LENGTH  The length of cfbdkb1 and ePUAb(cfbdkb1) in
                bits.

EPUAB(CFBDKB1)  cfbdkb1 encrypted with public key PUAb of
                device "b". The Encrypted Secret Part (ESP)
                in xcfer is encrypted with a key stored in
                cfbdkb1. cfbdkb1 also contains a 128-bit
                hash value (MDC) calculated on cfer.

DSIG1-LENGTH    The length of dsig1 in bits.

DSIG1           A digital signature produced from a CF
                System Signature Record (CFSSR) and a
                private authentication key PRAa of device
                "a", in accordance with section 6 of ISO DIS
                9796. The CFSSR contains a 128-bit hash
                value calculated on ePUAb(cfbdkb1).

OUTPUTS         DESCRIPTION

CC              Condition code indicating success or failure
                of the instruction execution.






DESCRIPTION:

The Import Crypto Facility Environment Record instruction permits an xcfer produced with an ECFER
instruction, at a sending device, to be imported at a receiving device. In effect, the output of an ECFER
instruction becomes the input to an ICFER instruction. Execution of the ICFER instruction causes the
variables stored in the xcfer to replace the comparable variables in the CF Environment of the receiving
device.

The inputs to the Import Crypto Facility Environment Record instruction consist of an External Crypto
Facility Environment Record, xcfer, an encrypted Crypto Facility Backup Key Block, ePUAb(cfbdkb1), and a
digital signature, dsig1. dsig1 is calculated from a Crypto Facility System Signature Record (cfssr1) and a
private authentication key PRAa. Subscripts "b" and "a" designate this device and another device,
respectively. cfssr1 contains a hash value (e.g., an MDC) calculated on ePUAb(cfbdkb1), i.e., the digital
signature authenticates ePUAb(cfbdkb1). cfbdkb1 contains a similar hash value (e.g., an MDC) calculated on
cfer, which permits xcfer to be authenticated. Both hash values (i.e., the hash value in cfssr1 and the hash
value in cfbdkb1) are calculated using the same hash algorithm, as originally specified in the hash-rule
parameter of the ECFER instruction. cfbdkb1 also contains a 128 bit key KK2 used to encrypt the Secret
Part (SP) of xcfer, where KK2 = KK1 xor X xor Y. xcfer also contains a Nonsecret Part (NSP). The values X
and Y are determined as follows: (1) X := KMP if KMP-mode = 1 and X := 0 if KMP-mode = 0, and (2) Y
:= KM if KM-mode = 1 and Y := 0 if KM-mode = 0. Together SP and NSP constitute everything in the CF
Environment except the PUA and PRA key, their length fields, and control vectors, and the contents of the
DID register. These elements do not port in the xcfer.

Any one of three protocol modes may be used to export and import a CF-environment record: (a)
PBKUP, (b) CBKUP1, and (c) CBKUP2. The PBKUP (i.e., private protocol) mode is the least restrictive. This
mode permits an installation to effect device backup using privately exchanged PUA keys. The CBKUP1
and CBKUP2 modes make use of a certification center to indirectly validate the PUA key, and thus are
more restrictive. In the CBKUP2 mode, the control vector of the PUA key must have a HIST-CHAIN value
equal to 3, i.e., the PUA key is imported using a PUM key whose control vector has a HIST-CHAIN value
equal to 2 and the PUM key is imported using a PUC key whose control vector has a HIST-CHAIN value
equal to 1. In the CBKUP1 mode, the control vector of the PUA key must have a HIST-CHAIN value equal
to 2, i.e., the PUA key is imported using a PUC key whose control vector has a HIST-CHAIN value equal to
1.

Several mechanisms are provided to authorize and control the execution of the ICFER instruction.
These control mechanisms are effected via the configuration vector, the control vectors, and the instruction
parameters. The ECFER and ICFER instructions are designed to operate only if both the exporting and
importing devices "agree" to use the same protocol and protocol options. In effect, this means that both
devices must be configured the same (i.e., both configuration vectors must be the same with respect to
device backup), both devices must use the same key management protocol, and the same parameter
options must be specified to the ECFER and ICFER instructions. The following additional conditions are
enforced: (1) the method of loading or generating KMP at the exporting and importing devices must be the
same, and (2) when protocol-mode = 1 or 2 the PUC keys (or PUM and PUC keys) used at the exporting
and importing devices to import the PUA keys must be the same. A HIST-DOMAIN ID field in the state
vector of a cloned CF environment records the domain identifier of the PUC keys (or PUC and PUM keys)
used to import the PUA keys when protocol modes 1 or 2 are used. By using the ECFAR instruction, a
cloned device can be audited to ensure that backup and recovery was effected with the proper PUC key.
Agreement between the exporting and importing devices is effected through the use of the record code field
in the Crypto Facility Backup DEA Key Record and through direct comparisons of the information stored in
the CFER produced at the exporting device and the CF Environment of the importing device.

The ECFER and ICFER instructions provide an option requiring the master key KM and/or the PKA
master key KMP to be reentered at the importing (or receiving) device. In that case, the cryptovariable
encrypting key KK1 under which the Secret Part of xcfer is encrypted can be recovered at the receiving
device only if the required values of KM and/or KMP have been properly entered. This option permits a CF
Environment to be ported without exposing KM or KMP to any greater extent than would otherwise be
required for ordinary manual key entry at a sending or receiving device. To permit recovery, KMP must be
reentered into the NKMP register and KM must be reentered into the NKM register using the CF
instructions. The concept of CF Environment backup using the ECFER and ICFER instructions is such that
the PUA and PRA keys are not ported from one device to another. Thus, when a CF Environment is
reimported at a receiving device, the existing PUA and PRA keys are not changed, and the content of the
DID register is not changed. However, the content of the EID register IS changed, i.e., the content of the
EID register ports from one device to another. These ensure that existing certificates containing EID remain
valid, and the anti-reimport property of EID remains valid.
The ICFER instruction executes only in the "run" state.
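The key-recovery gating described for ECFER and ICFER above (KK2 = KK1 xor X xor Y, with X and Y taken from the KMP and KM registers only when the corresponding mode is 1) and the MDC check that cfbdkb1 carries on cfer, as an added Python model that is not the patent's code. The ePUAb(cfbdkb1) encryption and the dsig1 signature are outside the model (cfbdkb1 is handled as if already decrypted under PRAb and its signature validated), truncated SHA-256 stands in for the MDC, a hash-derived keystream stands in for DEA, and the record layout and key values are constructed for the example.

```python
"""Model of the ECFER/ICFER KK1 recovery and cfer MDC check (added example).

KK2 = KK1 xor X xor Y, where X is KMP when KMP-mode = 1 (else 0) and Y is KM
when KM-mode = 1 (else 0). A receiver therefore recovers KK1, and so the
Secret Part, only with the same KM/KMP re-entered into its registers.
"""
import hashlib
import hmac
from dataclasses import dataclass

KEY_LEN = 16            # 128-bit keys: KK1, KK2, KM, KMP
ZERO_KEY = bytes(KEY_LEN)


def xor_keys(*keys: bytes) -> bytes:
    """Bytewise XOR of 128-bit keys."""
    out = bytearray(KEY_LEN)
    for k in keys:
        if len(k) != KEY_LEN:
            raise ValueError("all keys must be 128 bits")
        for i in range(KEY_LEN):
            out[i] ^= k[i]
    return bytes(out)


def mdc(data: bytes) -> bytes:
    """128-bit hash value. Truncated SHA-256 stands in for the MDC-2/MDC-4
    algorithm selected by hash-rule (assumption: stdlib has no MDC-2)."""
    return hashlib.sha256(data).digest()[:16]


def dea_xor_stream(key: bytes, data: bytes) -> bytes:
    """Encrypt/decrypt the Secret Part under KK1. A hash-derived keystream
    stands in for DEA (assumption); XOR makes the operation its own inverse."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class CFEnvironment:
    km: bytes      # master key register
    kmp: bytes     # PKA master key register
    nsp: bytes     # Nonsecret Part (ported in the clear)
    sp: bytes      # Secret Part (ported encrypted under KK1)


def derive_kk2(kk1: bytes, km: bytes, kmp: bytes, km_mode: int, kmp_mode: int) -> bytes:
    """KK2 := KK1 xor X xor Y with X := KMP if KMP-mode = 1 else 0 and
    Y := KM if KM-mode = 1 else 0. XOR is self-inverse, so the same function
    maps KK2 back to KK1 at the receiver."""
    x = kmp if kmp_mode == 1 else ZERO_KEY
    y = km if km_mode == 1 else ZERO_KEY
    return xor_keys(kk1, x, y)


def ecfer(env: CFEnvironment, kk1: bytes, km_mode: int, kmp_mode: int):
    """Export at device a. Returns (xcfer, cfbdkb1). Constructed layout:
    xcfer = len(NSP) || NSP || ESP and cfbdkb1 = KK2 || MDC(cfer)."""
    cfer = env.nsp + env.sp
    esp = dea_xor_stream(kk1, env.sp)
    xcfer = len(env.nsp).to_bytes(2, "big") + env.nsp + esp
    kk2 = derive_kk2(kk1, env.km, env.kmp, km_mode, kmp_mode)
    return xcfer, kk2 + mdc(cfer)


def icfer(receiver_km: bytes, receiver_kmp: bytes, xcfer: bytes, cfbdkb1: bytes,
          km_mode: int, kmp_mode: int):
    """Import at device b. Recovers KK1 from KK2 and the receiver's KM/KMP
    registers, decrypts the ESP and checks the MDC on the reconstituted cfer.
    Returns (nsp, sp) on success, or None for a failure condition code."""
    kk2, expected = cfbdkb1[:KEY_LEN], cfbdkb1[KEY_LEN:]
    kk1 = derive_kk2(kk2, receiver_km, receiver_kmp, km_mode, kmp_mode)
    nsp_len = int.from_bytes(xcfer[:2], "big")
    nsp, esp = xcfer[2:2 + nsp_len], xcfer[2 + nsp_len:]
    sp = dea_xor_stream(kk1, esp)
    if not hmac.compare_digest(mdc(nsp + sp), expected):
        return None           # KM/KMP not re-entered correctly, or record altered
    return nsp, sp


# Constructed sample values (not real keys or records).
SENDER = CFEnvironment(km=bytes(range(16)), kmp=bytes(range(16, 32)),
                       nsp=b"EID=device-a;", sp=b"secret registers of device a")
KK1 = bytes.fromhex("0f" * 16)


def run_backup(receiver_km: bytes, receiver_kmp: bytes, km_mode: int, kmp_mode: int):
    """Export with the sender's registers, then import with the receiver's."""
    xcfer, cfbdkb1 = ecfer(SENDER, KK1, km_mode, kmp_mode)
    return icfer(receiver_km, receiver_kmp, xcfer, cfbdkb1, km_mode, kmp_mode)
```

With KM-mode = KMP-mode = 0 the receiver's registers are not consulted, which is why the text limits mode 1 to master keys already known outside the crypto facility.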






Set and Reset Alarm (SRALM)

EQUATION:

mode    /1b minimum/
-->
CC      /unspecified/

PARAMETER DEFINITIONS:

INPUTS          DESCRIPTION

MODE            A parameter indicating whether to set or
                reset alarm, as follows:

                o reset alarm
                o set alarm

OUTPUTS         DESCRIPTION

CC              Condition code indicating success or failure
                of the instruction execution.

DESCRIPTION:

The Set and Reset Alarm instruction signals the CF that an "alarm" condition should be set or reset.
The term "alarm" means a signal sent on a line, e.g., causing a light to come on or a signal to be sent on a
monitoring line to a central location.

Besides the frequently used Key Record Encrypt and Key Record Decrypt algorithms, there are other
algorithms commonly used by the PKCD instructions. They are described as follows.

IPRN - Initialize Pseudo-Random Number Algorithm

Inputs:  None.
Outputs: None.

Algorithm Description:

1. Produce KK1 and KK2 from PRNGKEY1, PRNGKEY2 and PRNGCTR1 registers:

   a. Set KK1L := leftmost PRNGKEY1 XOR PRNGCTR1
   b. Set KK1R := rightmost PRNGKEY1 XOR PRNGCTR1
   c. Set KK2L := leftmost PRNGKEY2 XOR PRNGCTR1
   d. Set KK2R := rightmost PRNGKEY2 XOR PRNGCTR1

NOTE: the IPRN algorithm assumes that PRNGCTR1 is continuously updated by hardware. If
PRNGCTR1 is not implemented, one may alternatively read an internal Time of Day clock value and, if
TOD has more than 64 bits, use the low-order 64 bits of TOD instead of PRNGCTR1.

2. Calculate KK3 and KK4:

   a. Calculate a hash value on KK1 using the MDC-2 algorithm, and assign the result to KK3.
   b. Calculate a hash value on KK2 using the MDC-2 algorithm, and assign the result to KK4.

Note this step eliminates the need to erase or zeroize the PRNGKEY1 and PRNGKEY2 registers when
the CF Environment is clear. It also distributes any randomness uniformly over the key.

3. Fix bits in KK3 and KK4:

   a. Set bits 00..01 of KK3 := B'00'.
   b. Set bits 64..65 of KK3 := B'01'.
   c. Set bits 00..01 of KK4 := B'10'.
   d. Set bits 64..65 of KK4 := B'11'.

4. (Optional) adjust parity of KK3 and KK4:

   a. For each byte in KK3 and KK4 (whose bits are numbered b0 to b7), set bit b7 so that bits b0 thru
      b7 have an odd number of bits set to B'1'.

5. Write KK3 to PRNGKEY1 register and KK4 to PRNGKEY2 register:

   a. PRNGKEY1 := KK3.
   b. PRNGKEY2 := KK4.
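The five IPRN steps as an added Python example (not the patent's code). Truncated SHA-256 stands in for MDC-2, which the standard library does not provide; bits are numbered from 0 at the most significant bit of the leftmost byte, so bits 00..01 are the top two bits of byte 0 and bits 64..65 the top two bits of byte 8, and b7 is the low-order parity bit of each byte as in step 4. The register values are constructed.

```python
"""IPRN - Initialize Pseudo-Random Number algorithm (added example)."""
import hashlib


def mdc2(data: bytes) -> bytes:
    """128-bit hash. Truncated SHA-256 stands in for MDC-2 (assumption)."""
    return hashlib.sha256(data).digest()[:16]


def step1_kk(prngkey: bytes, prngctr1: bytes) -> bytes:
    """Step 1: KKxL := leftmost 64 bits of PRNGKEYx XOR PRNGCTR1 and
    KKxR := rightmost 64 bits of PRNGKEYx XOR PRNGCTR1 (same counter both halves)."""
    if len(prngkey) != 16 or len(prngctr1) != 8:
        raise ValueError("PRNGKEY is 128 bits, PRNGCTR1 is 64 bits")
    left = bytes(a ^ b for a, b in zip(prngkey[:8], prngctr1))
    right = bytes(a ^ b for a, b in zip(prngkey[8:], prngctr1))
    return left + right


def fix_bits(key: bytes, left_bits: int, right_bits: int) -> bytes:
    """Step 3: force bits 00..01 (top two bits of byte 0) and bits 64..65
    (top two bits of byte 8) to the given 2-bit values. The four distinct
    values 00, 01, 10, 11 keep the four 64-bit halves of KK3/KK4 distinct."""
    k = bytearray(key)
    k[0] = (k[0] & 0x3F) | (left_bits << 6)
    k[8] = (k[8] & 0x3F) | (right_bits << 6)
    return bytes(k)


def odd_parity(key: bytes) -> bytes:
    """Step 4: set b7 of each byte so that b0..b7 contain an odd number of ones
    (the usual DEA key parity convention)."""
    out = bytearray()
    for byte in key:
        high = byte & 0xFE                    # bits b0..b6
        ones = bin(high).count("1")
        out.append(high | (0 if ones % 2 == 1 else 1))
    return bytes(out)


def iprn(prngkey1: bytes, prngkey2: bytes, prngctr1: bytes, adjust_parity: bool = True):
    """Run IPRN and return the new (PRNGKEY1, PRNGKEY2) register contents,
    i.e. KK3 and KK4 of step 5."""
    kk1 = step1_kk(prngkey1, prngctr1)
    kk2 = step1_kk(prngkey2, prngctr1)
    kk3 = fix_bits(mdc2(kk1), 0b00, 0b01)     # step 2a then 3a/3b
    kk4 = fix_bits(mdc2(kk2), 0b10, 0b11)     # step 2b then 3c/3d
    if adjust_parity:
        kk3, kk4 = odd_parity(kk3), odd_parity(kk4)
    return kk3, kk4


def has_odd_parity(key: bytes) -> bool:
    """Helper for checking step 4 on a whole key."""
    return all(bin(b).count("1") % 2 == 1 for b in key)


# Constructed register contents; a cleared CF Environment has zeroed PRNGKEY registers.
SAMPLE_KEY1 = bytes(16)
SAMPLE_KEY2 = bytes(range(16))
SAMPLE_CTR = bytes.fromhex("0000000000000001")
```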






ENCKU - Encrypt CKU to IKU Algorithm

The ENCKU algorithm is the inverse of the RCKU1 algorithm.
The ENCKU algorithm is as follows:
ENCKU(KMP,N1,CKU --> IKU)

Inputs:

KMP  A 128 bit DEA key.
N1   The length of CKU and IKU in bytes.
CKU  A Clear Key Unit.
Outputs:

IKU  An Internal Key Unit.

Algorithm Description:

1. Extract control data (consisting of a system control block concatenated to a user control block) from
CKU.

2. Extract key record and key authenticator record from CKU.

3. Encrypt key record and key authenticator record using the method described in the Key Record
Encrypt algorithm.

4. Convert CKU to IKU by updating the header and by replacing the key record and key authenticator
record in CKU with encrypted key record and encrypted key authenticator, respectively.

RCKU1 - Recover CKU from IKU Algorithm

The RCKU1 algorithm is the inverse of the ENCKU algorithm.

The RCKU1 algorithm is as follows:
RCKU1(KMP,N1,IKU --> CKU,RC)
Inputs:

KMP  A 128 bit DEA key.
N1   The length of IKU in bytes.
IKU  An Internal Key Unit.
Outputs:

CKU  A Clear Key Unit.
RC   Return code
     1. successful completion
     2. key authenticator record in the IKU does not verify

Algorithm Description:

1. Extract the control data from IKU.

2. Extract encrypted key record and encrypted key authenticator record from CKU.

3. Decrypt encrypted key record and encrypted key authenticator record using the method described in
the Key Record Decrypt algorithm.

4. Convert IKU to CKU by updating the header and by replacing the encrypted key record and encrypted
key authenticator record in IKU with key record and key authenticator, respectively.

PKGA - PKA Key Generation Algorithm

The PKA Key Generation algorithm is as follows:
PKGA(C,GMODE,CODEWORD,RES --> S1,CFPKR1,S2,CFPKR2,RC)

Inputs:

C         A 16 byte control vector of the generated public key.

GMODE     A parameter indicating the mode of key generation, as follows:

          'R' : Random - Key generation makes use of an L-bit seed randomly generated.
          'D' : Derived - Key generation makes use of an L-bit seed derived from a 128 bit
                codeword supplied as an input parameter.
CODEWORD  A 128 bit "seed" value used to generate an L-bit pseudorandom number.
RES       A parameter indicating key length restrictions, as follows:

          o 0 : no restriction
          o 1 : length restriction type "1"
Outputs:

S1        The length of cfpkr1 in 8-byte blocks.

CFPKR1    A Crypto Facility PKA Key Record containing a generated public key.

S2        The length of cfpkr2 in 8-byte blocks.

CFPKR2    A Crypto Facility PKA Key Record containing a generated private key.

RC        Return code

          1. successful operation

          2. Algorithm specified in the control vector is not supported

Algorithm Description:

1. Set alg := ALGORITHM field in C
2. If gmode = 'R', then generate an L-bit seed using a random or a pseudorandom number generator.

3. Else (gmode = 'D'), derive an L-bit seed from the supplied codeword.

4. Perform the Key Generation Algorithm (KGA) on the L-bit seed to generate a pair of public and private
key records cfpkr1 and cfpkr2, respectively.

NOTE: KGA and the method for deriving an L-bit seed from a codeword have been described in co-pending
patent by S.M. Matyas, et al. entitled "Generating Public and Private Key Pairs using a Passphrase," cited
in the background art.



CVVLD - Control Vector Validate Algorithm

The Control Vector Validate algorithm is as follows:

CVVLD(C1 -> RC)
Inputs:

C1   The input control vector C1 on which the CV checking is performed.
Outputs:

RC   Return code

     1. successful completion

     2. unsuccessful completion

Algorithm Description:

The Control Vector Validate checks a control vector associated with a PKA key. No checking is
performed on the CV TYPE field.

1. Set RC := 0

2. Verify ANTIVARIANT ZERO in C1 = B'0'
3. Verify ANTIVARIANT ONE in C1 = B'1'

4. Verify EXTENSION in C1 = B'10' (i.e., >128 bit control vector)

5. Verify TESTZERO in C1 = B'000' (i.e., RPZ are valid)

6. If checking fails, then set RC := 1 and abort operation.

CVG - Control Vector Generation Algorithm

The Control Vector Generate algorithm is used by the IPUK instruction to set history information in an
output control vector. The specific fields set by the Control Vector Generate routine are HIST-IPUK, HIST-
CHAIN, HIST-MDC, HIST-DOMAIN ID and HIST-KREGMODE. These history fields are interrogated for
compliance with minimum threshold values set forth in the configuration vector and in other control vectors,
when a public key is used for key management or CF environment backup.

The Control Vector Generate is as follows:

CVG(IMPORT-MODE,MDC-MODE,MDC-INDEX,SIGNATURE-MODE,C1,C2 -> C3)
Inputs:

IMPORT-MODE     A 1 bit value indicating the import-mode, as follows:

                o 0 : import-mode = 0 in IPUK instruction

                o 1 : import-mode = 1 in IPUK instruction
MDC-MODE        A 1 bit value indicating the MDC-mode, as follows:

                o 0 : MDC-mode = 0 in IPUK instruction

                o 1 : MDC-mode = 1 in IPUK instruction
                This parameter is valid only when import-mode = 0.
MDC-INDEX       A parameter having a value equal to the MDC-index parameter in the IPUK
                instruction.

SIGNATURE-MODE  A 2 bit value indicating the signature mode, as follows:

                o 0 : signature-mode = 0 in IPUK instruction

                o 1 : signature-mode = 1 in IPUK instruction

                o 2 : signature-mode = 2 in IPUK instruction
C1              A 16 byte control vector associated with a PU to be imported.
C2              A 16 byte control vector associated with a PU used to validate a digital
                signature.
Outputs:

C3              A 16 byte control vector associated with the imported PU.

Algorithm Description:

1. Set C3 := C1

2. Update HIST-IPUK field:

   a. Set HIST-IPUK in C3 := B'1' (i.e., imported)

3. Update HIST-MDC field:

   a. If import-mode = 0 and mdc-mode = 0, then set HIST-MDC in C3 := B'01'.

   b. If import-mode = 0 and mdc-mode = 1, then set HIST-MDC in C3 := EKUMDC FLAG(mdc-index) in
      state vector.

   c. If import-mode = 1, then set HIST-MDC in C3 := HIST-MDC in C2.

4. Update HIST-KREGMODE field, if CV TYPE in C1 = 'PUA' and CV TYPE in C2 = 'PUM':

   a. Set HIST-KREGMODE in C3 := KREGMODE in C2. Note: The HIST-KREGMODE field may contain
      valid history information when HIST-CHAIN != B'11'. Notwithstanding this, the HIST-KREGMODE field
      is considered valid only when HIST-IPUK = B'1' and HIST-CHAIN = B'11'.

NOTE: Since for import-mode = 0 CV TYPE in C1 always equals CV TYPE in C2, step 4 is executed only
when import-mode = 1.

5. Update HIST-DOMAIN ID field, if CV TYPE in C1 = 'PUA' and (CV TYPE in C2 = 'PUC' or CV TYPE
   in C2 = 'PUM'):

   a. Set HIST-DOMAIN ID in C3 := DOMAIN ID in C2. Note: The HIST-DOMAIN ID field may contain
      valid history information when HIST-CHAIN != B'10' or B'11'. Notwithstanding this, the HIST-DOMAIN
      ID field is considered valid only when HIST-IPUK = B'1' and (either HIST-CHAIN = B'10' or HIST-
      CHAIN = B'11').

NOTE: Since for import-mode = 0 CV TYPE in C1 always equals CV TYPE in C2, step 5 is executed only
when import-mode = 1.

6. Update HIST-CHAIN field:

   a. Set HIST-CHAIN in C3 := B'00'
   b. If (import-mode = 0) and (signature-mode = 0 or signature-mode = 1) and (CV TYPE in C1 = 'PUC'),
      then set HIST-CHAIN in C3 := B'01'.

   c. If (import-mode = 1) and (CV TYPE in C1 = 'PUC') and (CV TYPE in C2 = 'PUC') and (HIST-IPUK
      in C2 = B'1') and (HIST-CHAIN in C2 = B'01') and (DOMAIN ID in C1 = DOMAIN ID in C2), then set
      HIST-CHAIN in C3 := B'01'.
   d. If (import-mode = 1) and (CV TYPE in C1 = 'PUM') and (CV TYPE in C2 = 'PUC') and (HIST-IPUK
      in C2 = B'1') and (HIST-CHAIN in C2 = B'01') and (DOMAIN ID in C1 = DOMAIN ID in C2), then set
      HIST-CHAIN in C3 := B'10'.
   e. If (import-mode = 1) and (CV TYPE in C1 = 'PUA') and (CV TYPE in C2 = 'PUC') and (HIST-IPUK
      in C2 = B'1') and (HIST-CHAIN in C2 = B'01'), then set HIST-CHAIN in C3 := B'10'.

   f. If (import-mode = 1) and (CV TYPE in C1 = 'PUA') and (HIST-IPUK in C1 = B'0') and (CV TYPE in
      C2 = 'PUM') and (HIST-IPUK in C2 = B'1') and (HIST-CHAIN in C2 = B'10'), then set HIST-CHAIN
      in C3 := B'11'. Note: Checking that HIST-IPUK in C1 = B'0' ensures that PUA is generated at the
      same device as the PRM used to generate the digital signature on EKU.

NOTE: For import-mode = 0 and signature-mode = 0, HIST-CHAIN is set equal to B'00', which, in terms of
the CFAP definition of 'merit', limits all imported PU keys to be 'BRONZE' keys (i.e., no 'GOLD' or
'SILVER' keys can be imported).
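The CVG history-field update above, together with the ECFER/ICFER protocol-mode rule that CBKUP1 requires HIST-CHAIN = 2 and CBKUP2 requires HIST-CHAIN = 3 on the PUA control vector, as an added Python example that is not the patent's code. Control vectors are modelled as dataclasses holding only the fields the algorithm reads or writes; the EKUMDC FLAG array of the state vector is modelled as a list passed in, and the domain identifiers and sample chain are constructed.

```python
"""CVG history-field update and the backup protocol-mode check (added example)."""
from dataclasses import dataclass, replace
from typing import Optional, Sequence


@dataclass
class ControlVector:
    cv_type: str              # 'PUC', 'PUM' or 'PUA'
    domain_id: int = 0        # DOMAIN ID field
    kregmode: int = 0         # KREGMODE field (used for PUM)
    hist_ipuk: int = 0        # B'0' = generated locally, B'1' = imported
    hist_chain: int = 0b00    # B'00' none, B'01' PUC, B'10' PUM or PUA via PUC, B'11' PUA via PUM
    hist_mdc: int = 0b00
    hist_kregmode: int = 0
    hist_domain_id: int = 0


def cvg(import_mode: int, mdc_mode: int, mdc_index: int, signature_mode: int,
        c1: ControlVector, c2: Optional[ControlVector],
        ekumdc_flag: Sequence[int] = ()) -> ControlVector:
    """Return C3 per steps 1-6. ekumdc_flag models the EKUMDC FLAG array of
    the state vector (assumption). For import-mode = 0 the note says CV TYPE
    in C1 equals CV TYPE in C2, so C2 may be omitted and C1 stands in."""
    if c2 is None:
        c2 = c1
    c3 = replace(c1)                      # step 1: C3 := C1
    c3.hist_ipuk = 0b1                    # step 2: imported
    if import_mode == 0:                  # step 3: HIST-MDC
        c3.hist_mdc = 0b01 if mdc_mode == 0 else ekumdc_flag[mdc_index]
    else:
        c3.hist_mdc = c2.hist_mdc
    if c1.cv_type == "PUA" and c2.cv_type == "PUM":            # step 4
        c3.hist_kregmode = c2.kregmode
    if c1.cv_type == "PUA" and c2.cv_type in ("PUC", "PUM"):   # step 5
        c3.hist_domain_id = c2.domain_id
    c3.hist_chain = 0b00                                       # step 6a
    c2_is_imported_puc = (c2.cv_type == "PUC" and c2.hist_ipuk == 0b1
                          and c2.hist_chain == 0b01)
    same_domain = c1.domain_id == c2.domain_id
    if import_mode == 0:
        if signature_mode in (0, 1) and c1.cv_type == "PUC":               # 6b
            c3.hist_chain = 0b01
    elif c1.cv_type == "PUC" and c2_is_imported_puc and same_domain:       # 6c
        c3.hist_chain = 0b01
    elif c1.cv_type == "PUM" and c2_is_imported_puc and same_domain:       # 6d
        c3.hist_chain = 0b10
    elif c1.cv_type == "PUA" and c2_is_imported_puc:                        # 6e
        c3.hist_chain = 0b10
    elif (c1.cv_type == "PUA" and c1.hist_ipuk == 0b0 and c2.cv_type == "PUM"
          and c2.hist_ipuk == 0b1 and c2.hist_chain == 0b10):              # 6f
        c3.hist_chain = 0b11
    return c3


# protocol-mode values from the ECFER/ICFER parameter definitions (0 is reserved).
CBKUP1, CBKUP2, PBKUP = 1, 2, 3


def backup_protocol_allowed(pua: ControlVector, protocol_mode: int) -> bool:
    """Check a PUA control vector against the ECFER/ICFER protocol-mode:
    CBKUP1 needs HIST-CHAIN = 2 (PUA imported under a PUC), CBKUP2 needs
    HIST-CHAIN = 3 (PUA under a PUM under a PUC), PBKUP has no restriction."""
    if pua.cv_type != "PUA":
        return False
    if protocol_mode == PBKUP:
        return True
    required = {CBKUP1: 0b10, CBKUP2: 0b11}
    return protocol_mode in required and pua.hist_chain == required[protocol_mode]


def build_chain(domain_id: int = 7):
    """Constructed sample chain: a PUC imported with import-mode 0 and
    signature-mode 0, a PUM imported under that PUC (import-mode 1,
    signature-mode 2), and a locally generated PUA imported under the PUM."""
    puc = cvg(0, 0, 0, 0, ControlVector("PUC", domain_id), None)
    pum = cvg(1, 0, 0, 2, ControlVector("PUM", domain_id, kregmode=1), puc)
    pua = cvg(1, 0, 0, 2, ControlVector("PUA", domain_id), pum)
    return puc, pum, pua
```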
Although a specific embodiment of the invention has been disclosed, it will be understood by those
having skill in the art that changes can be made to the specific embodiment without departing from the
spirit and the scope of the invention.

Claims 

15 

1. In a data processing system, a method for managing a public key cryptographic system, comprising 
the steps of: 

generating a first public key and a first private key as a first pair in said data processing system, for 
20 use with a first public key algorithm; 

generating a second public key and a second private key as a second pair in said data processing 
system, for use with a second public key algorithm; 

25 assigning a private control vector for said first private key and said second private key in said data 

processing system, for defining permitted uses for said first and second private keys; 

forming a private key record which includes said first private key and said second private key in said 
data processing system, and encrypting said private key record under a first master key expression 
30 which is a function of said private control vector; _ „ 

.5 

forming a private key token which includes said private control vector and said private key record, and 

storing said private key token in said data processing system; e 

35 receiving a first key use request in said data processing system, requiring said first public key vV - 

algorithm; 



accessing said private key token in said data processing system and checking said private control 
vector to determine if said private key record contains a key having permitted uses which will satisfy 
40 said first request; 

decrypting said private key record under said first master key expression in said data processing 
system and extracting said first private key from said private key record; 

45 selecting said first public key algorithm in said data processing system for said first key use request; 



executing said first public key algorithm in said data processing system using said first private key to 
perform a cryptographic operation to satisfy said first key use request. 

50 2. The method of claim 1 , which further comprises: 



said private key record including first parse data to locate said first private key and said second private 
key in said key record; 

55 said extracting step including using said parse data for extracting said first private key from said private 

key record. 
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3. The method of claim 1 or 2, which further comprises: 

forming a first private key authentication record in said data processing system, by computing a hash 
value using a hashing function on said private key record and encrypting said first private key 
5 authentication record under a second master key expression which is a function of said private control 

vector; 

said private key token including said first private key authentication record. 

70 4. The method of claim 3, which further comprises: 

after said decrypting step, computing a second private key authentication record in said data 
processing system, by computing a second hash value using said hashing function on said decrypted 
private key record and comparing said second a private key authentication record with said first private 
15 key authentication record; 

aborting further processing of said first key use request in said data processing system, if said second 
private key authentication record is not equal to said first private key authentication record. 

20 5. The method of claim 4, which further comprises: 

said private key token including first header data to locate said control vector, said private key record 
and said private key authentication record in said private key token; 

25 said accessing step including using said header data to locate said private key record in said private 

key token. 

6. The method of claim 1 or any one of claims 2 to 5, which further comprises: 

assigning a public control vector for said first public key and said second public key in said data 
processing system, for defining permitted uses for said first and second public keys; 

forming a public key record which includes said first public key and said second public key in said data 
processing system, and encrypting said public key record under a third master key expression which is 
a function of said public control vector; 

forming a public key token which Includes said public control vector and said public key record, and 
storing said public key token in said data processing system; 

receiving a second key use request in said data processing system, requiring said second public key 
algorithm; 

accessing said public key token in said data processing system and checking said public control vector 
to determine if said public key record contains a key having permitted uses which will satisfy said 
second request; 

decrypting said public key record under said third master key expression in said data processing 
system and extracting said first public key from said public key record; 

selecting said second public key algorithm in said data processing system for said second key use 
request; 

executing said second public key algorithm in said data processing system using said first public key 
to perform a cryptographic operation to satisfy said second key use request. 


7. The method of claim 6, which further comprises: 

said public key record including second parse data to locate said first public key and said second 
public key in said key record; 

said extracting step for said first public key including using said parse data for extracting said first 
public key from said public key record. 


8. The method of claim 6 or 7, which further comprises: 

forming a second public key authentication record in said data processing system, by computing a 
hash value using said hashing function on said public key record and encrypting said second public 
key authentication record under a fourth master key expression which is a function of said public 
control vector; 

said public key token including said second public key authentication record. 

9. The method of claim 8, which further comprises: 

after said decrypting step for said public key record, computing a third public key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted public key record and comparing said third public key authentication record with 
said second public key authentication record; 

aborting further processing of said second key use request in said data processing system, if said 
third public key authentication record is not equal to said second public key authentication record. 

10. The method of claim 9, which further comprises: 

said public key token including second header data to locate said control vector, said public key record 
and said public key authentication record in said public key token; 

said accessing step for said public key token including using said header data to locate said public key 
record in said public key token. 

11. In a data processing system, a method for managing a public key cryptographic system, comprising 
the steps of: 


generating a public key and a private key as a pair in said data processing system, for use with a 
public key algorithm; 

assigning a private control vector for said private key in said data processing system, for defining 
permitted uses for said private key; 

forming a private key record which includes said private key in said data processing system, and 
encrypting said private key record under a first master key expression which is a function of said 
private control vector; 


forming a private key token which includes said private control vector and said encrypted private key 
record and storing said private key token in said data processing system; 

receiving a first key use request in said data processing system, requiring execution of said public key 
algorithm with a private key; 

accessing said private key token in said data processing system and checking said private control 
vector to determine if said private key record contains a key having permitted uses which will satisfy 
said first request; 


decrypting said private key record under said first master key expression in said data processing 
system and extracting said private key from said private key record; 
executing said public key algorithm in said data processing system using said private key to perform a 
cryptographic operation to satisfy said first key use request. 

12. The method of claim 11, which further comprises: 


assigning a public control vector for said public key in said data processing system, for defining 
permitted uses for said public key; 

forming a public key record which includes said public key in said data processing system, and 
encrypting said public key record under a second master key expression which is a function of said 
public control vector; 

forming a public key token which includes said public control vector and said public key record and 
storing said public key token in said data processing system; 


receiving a second key use request in said data processing system, requiring execution of said public 
key algorithm with a public key; 

accessing said public key token in said data processing system and checking said public control vector 
to determine if said public key record contains a key having permitted uses which will satisfy said 
second request; 

decrypting said public key record under said second master key expression in said data processing 
system and extracting said public key from said public key record; 


executing said public key algorithm in said data processing system using said public key to perform a 
cryptographic operation to satisfy said second key use request. 

13. The method of claim 11 or 12, which further comprises: 


forming a first private key authentication record in said data processing system, by computing a hash 
value using a hashing function on said private key record; 

said private key token including said first private key authentication record. 


14. The method of claim 13, which further comprises: 

after said decryption step for said private key record, computing a second private key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted private key record and comparing said second private key authentication record 
with said first private key authentication record; 

aborting further processing of said first key use request in said data processing system, if said second 
private key authentication record is not equal to said first private key authentication record. 


15. The method of claim 14, which further comprises: 

forming a second public key authentication record in said data processing system, by computing a 
hash value using said hashing function on said public key record; 


said public key token including said second public key authentication record. 

16. The method of claim 15, which further comprises: 

after said decrypting step for said public key record, computing a third public key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted public key record and comparing said third public key authentication record with 
said second public key authentication record; 

aborting further processing of said second key use request in said data processing system, if said 
third public key authentication record is not equal to said second public key authentication record. 

17. In a data processing system, a method for managing a public key cryptographic system, comprising 
the steps of: 

generating a public key and a private key in said cryptographic system; 

assigning a public key control vector to said public key in accordance with intended uses for said 
public key; 

assigning a private key control vector to said private key in accordance with intended uses for said 
private key; 


storing said public key in a public key record and storing said private key in a private key record; 

encrypting said public key record under a master key and encrypting said private key record under said 
master key; 


forming a modification detection code on a concatenated expression of said public key control vector 
and said public key record as a public key authentication record; 

forming a modification detection code on a concatenated expression of said private key control vector 
and said private key record to produce a private key authentication record; 

encrypting said public key authentication record under said master key and encrypting said private key 
authentication record under said master key; 

forming a public key token which includes said public key control vector in a first field, said encrypted 
public key record in a second field, and said encrypted public key authentication record in a third field; 

forming a private key token including said private key control vector in a first field, said encrypted 
private key record in a second field, and said encrypted private key authentication record in a third 
field. 

18. The method of claim 17 wherein said master key is a secret key, preferably a data encryption algorithm 
key belonging to a symmetric key algorithm. 
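The token construction of claims 1 to 5 and the three-field, MDC-protected variant of claims 17 and 18, as an added worked example in Python; this is not code from the patent, and the details it fixes are assumptions: the master key expression is derived by hashing the master key together with the control vector (the claims only require that it be a function of the control vector), an HMAC-SHA256 counter-mode keystream stands in for the symmetric-key algorithm of claim 18, the control vector is a single byte of permitted-use bits, and the private keys are constructed placeholder bytes, so the public key algorithm itself is never executed. The `tamper_control_vector` function is likewise hypothetical and exists to show the check a practitioner cares about: rewriting the plaintext control-vector field to grant an extra use changes both derived keys, the record decrypts to garbage, and the authentication-record comparison of claim 4 aborts the request.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample master key for this example; a real one lives in an HSM.
MASTER_KEY = hashlib.sha256(b"example master key, not a real one").digest()

# Control vector layout assumed here: one byte of permitted-use bits.
USE_SIGN = 0x01
USE_DECRYPT = 0x02
USE_KEYAGREE = 0x04

# Stand-ins for the claims' "first" and "second" public key algorithms.
ALG_FIRST = "first-algorithm"
ALG_SECOND = "second-algorithm"

# Header data: the three field lengths plus a per-token nonce (8 bytes).
HEADER = struct.Struct(">HHH8s")


def master_key_expression(control_vector: bytes, purpose: bytes) -> bytes:
    """Key-encrypting key that is a function of master key and control vector.
    Hashing is this example's choice; distinct purpose labels give the
    "first" and "second" expressions of claims 1 and 3."""
    return hashlib.sha256(MASTER_KEY + purpose + control_vector).digest()


def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: HMAC-SHA256 counter-mode keystream XORed with
    the data. The same call encrypts and decrypts."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        ks = hmac.new(key, nonce + struct.pack(">I", block_no), hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def form_private_key_record(first_key: bytes, second_key: bytes) -> bytes:
    """Private key record: parse data (two 2-byte lengths) then both keys."""
    return struct.pack(">HH", len(first_key), len(second_key)) + first_key + second_key


def parse_private_key_record(record: bytes) -> dict:
    """Use the parse data to locate each private key inside the record."""
    len_first, len_second = struct.unpack(">HH", record[:4])
    first = record[4:4 + len_first]
    second = record[4 + len_first:4 + len_first + len_second]
    if len(first) != len_first or len(second) != len_second:
        raise ValueError("truncated private key record")
    return {ALG_FIRST: first, ALG_SECOND: second}


def authentication_record(control_vector: bytes, record: bytes) -> bytes:
    """Modification detection code over CV || plaintext record (claim 17)."""
    return hashlib.sha256(control_vector + record).digest()


def form_private_key_token(first_key: bytes, second_key: bytes, permitted_uses: int) -> bytes:
    """Token = header data, control vector, encrypted record, encrypted MDC.
    Record and MDC are encrypted under two different CV-bound expressions."""
    cv = bytes([permitted_uses])
    nonce = os.urandom(8)
    record = form_private_key_record(first_key, second_key)
    enc_record = xor_keystream(master_key_expression(cv, b"record"), nonce, record)
    enc_auth = xor_keystream(master_key_expression(cv, b"auth"), nonce,
                             authentication_record(cv, record))
    return HEADER.pack(len(cv), len(enc_record), len(enc_auth), nonce) + cv + enc_record + enc_auth


class KeyUseDenied(Exception):
    """Raised when the control vector check or the integrity check fails."""


def use_private_key(token: bytes, algorithm: str, requested_use: int) -> bytes:
    """Service a key use request; returns the private key the selected public
    key algorithm would run with, or raises KeyUseDenied."""
    cv_len, rec_len, auth_len, nonce = HEADER.unpack(token[:HEADER.size])
    pos = HEADER.size
    cv = token[pos:pos + cv_len]
    pos += cv_len
    enc_record = token[pos:pos + rec_len]
    pos += rec_len
    enc_auth = token[pos:pos + auth_len]
    # 1. Control vector check comes before any decryption.
    if (cv[0] & requested_use) != requested_use:
        raise KeyUseDenied("control vector does not permit the requested use")
    # 2. Decrypt record and stored MDC under the CV-bound expressions.
    record = xor_keystream(master_key_expression(cv, b"record"), nonce, enc_record)
    stored_mdc = xor_keystream(master_key_expression(cv, b"auth"), nonce, enc_auth)
    # 3. Recompute the MDC and abort on mismatch (claims 4 and 17). A rewritten
    #    CV changes both derived keys, so the decrypted bytes will not verify.
    if not hmac.compare_digest(stored_mdc, authentication_record(cv, record)):
        raise KeyUseDenied("authentication record mismatch: token or control vector altered")
    # 4. Parse data locates the key for the selected algorithm.
    return parse_private_key_record(record)[algorithm]


def tamper_control_vector(token: bytes, new_uses: int) -> bytes:
    """Hypothetical attacker step: rewrite the plaintext CV field to add a use."""
    return token[:HEADER.size] + bytes([new_uses]) + token[HEADER.size + 1:]


def request_outcome(token: bytes, algorithm: str, requested_use: int):
    """Return the extracted key, or None if the request was refused."""
    try:
        return use_private_key(token, algorithm, requested_use)
    except KeyUseDenied:
        return None
```

The order of the checks matters: the control vector is consulted before any decryption, the authentication record is verified before the parse data is trusted, and only then is a key extracted. Because the key-encrypting key depends on the control vector, an attacker with write access to the stored token cannot widen a key's permitted uses without also losing the ability to decrypt it, which is the property the private-control-vector design is meant to give.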

19. In a data processing system, a computer program for managing a public key cryptographic system, 
which when executed on said data processing system, performs a method comprising the steps of: 

generating a first public key and a first private key as a first pair in said data processing system, for 
use with a first public key algorithm; 


generating a second public key and a second private key as a second pair in said data processing 
system, for use with a second public key algorithm; 

assigning a private control vector for said first private key and said second private key in said data 
processing system, for defining permitted uses for said first and second private keys; 

forming a private key record which includes said first private key and said second private key in said 
data processing system, and encrypting said private key record under a first master key expression 
which is a function of said private control vector; 


forming a private key token which includes said private control vector and said private key record, and 
storing said private key token in said data processing system; 
receiving a first key use request in said data processing system, requiring said first public key 
algorithm; 

accessing said private key token in said data processing system and checking said private control 
vector to determine if said private key record contains a key having permitted uses which will satisfy 
said first request; 

decrypting said private key record under said first master key expression in said data processing 
system and extracting said first private key from said private key record; 


selecting said first public key algorithm in said data processing system for said first key use request; 

executing said first public key algorithm in said data processing system using said first private key to 
perform a cryptographic operation to satisfy said first key use request. 


20. The computer program of claim 19, which further comprises: 

said private key record including first parse data to locate said first private key and said second private 
key in said key record; 


said extracting step including using said parse data for extracting said first private key from said private 
key record. 

21. The computer program of claim 19 or 20, which when executed on said data processing system, 
performs the further steps, comprising: 

forming a first private key authentication record in said data processing system, by computing a hash 
value using a hashing function on said private key record and encrypting said first private key 
authentication record under a second master key expression which is a function of said private control 
vector; 

said private key token including said first private key authentication record. 

22. The computer program of claim 21, which when executed on said data processing system, performs 
the further steps, comprising: 

after said decrypting step, computing a second private key authentication record in said data 
processing system, by computing a second hash value using said hashing function on said decrypted 
private key record and comparing said second private key authentication record with said first private 
key authentication record; 

aborting further processing of said first key use request in said data processing system, if said second 
private key authentication record is not equal to said first private key authentication record. 

23. The computer program of claim 22, which further comprises: 

said private key token including first header data to locate said control vector, said private key record 
and said private key authentication record in said private key token; 

said accessing step including using said header data to locate said private key record in said private key token. 

24. In a data processing system, a computer program for managing a public key cryptographic system, 
which when executed on said data processing system, performs a method comprising the steps of: 


generating a public key and a private key as a pair in said data processing system, for use with a 
public key algorithm; 
assigning a private control vector for said private key in said data processing system, for defining 
permitted uses for said private key; 

forming a private key record which includes said private key in said data processing system, and 
encrypting said private key record under a first master key expression which is a function of said 
private control vector; 

forming a private key token which includes said private control vector and said encrypted private key 
record and storing said private key token in said data processing system; 


receiving a first key use request in said data processing system, requiring execution of said public key 
algorithm with a private key; 

accessing said private key token in said data processing system and checking said private control 
vector to determine if said private key record contains a key having permitted uses which will satisfy 
said first request; 

decrypting said private key record under said first master key expression in said data processing 
system and extracting said private key from said private key record; 


executing said public key algorithm in said data processing system using said private key to perform a 
cryptographic operation to satisfy said first key use request. 

25. The computer program of claim 24, which when executed on said data processing system, performs 
the further steps, comprising: 

assigning a public control vector for said public key in said data processing system, for defining 
permitted uses for said public key; 

forming a public key record which includes said public key in said data processing system, and 
encrypting said public key record under a second master key expression which is a function of said 
public control vector; 

forming a public key token which includes said public control vector and said public key record and 
storing said public key token in said data processing system; 

receiving a second key use request in said data processing system, requiring execution of said public 
key algorithm with a public key; 

accessing said public key token in said data processing system and checking said public control vector 
to determine if said public key record contains a key having permitted uses which will satisfy said 
second request; 

decrypting said public key record under said second master key expression in said data processing 
system and extracting said public key from said public key record; 

executing said public key algorithm in said data processing system using said public key to perform a 
cryptographic operation to satisfy said second key use request. 

26. The computer program of claim 24 or 25, which when executed on said data processing system, 
performs the further steps, comprising: 

forming a first private key authentication record in said data processing system, by computing a hash 
value using a hashing function on said private key record; 


said private key token including said first private key authentication record. 
27. The computer program of claim 26, which when executed on said data processing system, performs 
the further steps, comprising: 

after said decryption step for said private key record, computing a second private key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted private key record and comparing said second private key authentication record 
with said first private key authentication record; 

aborting further processing of said first key use request in said data processing system, if said second 
private key authentication record is not equal to said first private key authentication record. 

28. The computer program of claim 27, which when executed on said data processing system, performs 
the further steps, comprising: 

forming a second public key authentication record in said data processing system, by computing a 
hash value using said hashing function on said public key record; 

said public key token including said second public key authentication record. 

29. The computer program of claim 28, which when executed on said data processing system, performs 
the further steps, comprising: 

after said decrypting step for said public key record, computing a third public key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted public key record and comparing said third public key authentication record with 
said second public key authentication record; 

aborting further processing of said second key use request in said data processing system, if said 
third public key authentication record is not equal to said second public key authentication record. 


30. A data processing system for managing a public key cryptographic system, comprising: 

first generating means for generating a first public key and a first private key as a first pair in said data 
processing system, for use with a first public key algorithm; 


second generating means for generating a second public key and a second private key as a second 
pair in said data processing system, for use with a second public key algorithm; 

assigning means for assigning a private control vector for said first private key and said second private 
key in said data processing system, for defining permitted uses for said first and second private keys; 

key record forming means coupled to said first and second generating means, for forming a private key 
record which includes said first private key and said second private key in said data processing 
system; 

encrypting means coupled to said key record forming means and said assigning means, for 
encrypting said private key record under a first master key expression which is a function of said 
private control vector; 

key token forming means coupled to said assigning means and to said key record forming means, for 
forming a private key token which includes said private control vector and said private key record; 


storing means coupled to said key token forming means, for storing said private key token in said data 
processing system; 

receiving means coupled to a user input, for receiving a first key use request in said data processing 
system, requiring said first public key algorithm; 

accessing means coupled to said receiving means and to said storing means, for accessing said 
private key token in said data processing system and checking said private control vector to determine 
if said private key record contains a key having permitted uses which will satisfy said first request; 

decrypting means coupled to said accessing means, for decrypting said private key record under said 
first master key expression in said data processing system and extracting said first private key from 
said private key record; 

selecting means coupled to said receiving means, for selecting said first public key algorithm in said 
data processing system for said first key use request; 

execution means coupled to said selecting means and to said decrypting means, for executing said first 
public key algorithm in said data processing system using said first private key to perform a 
cryptographic operation to satisfy said first key use request. 

31. The system of claim 30, which further comprises: 

authentication record forming means coupled to said key record forming means, for forming a first 
private key authentication record in said data processing system, by computing a hash value using a 
hashing function on said private key record and encrypting said first private key authentication record 
under a second master key expression which is a function of said private control vector; 

said private key token including said first private key authentication record. 

32. The system of claim 30 or 31, which further comprises: 

computing means coupled to said decrypting means, for computing a second private key authentication 
record in said data processing system, by computing a second hash value using said hashing function 
on said decrypted private key record and comparing said second private key authentication record 
with said first private key authentication record; 

terminating means coupled to said computing means, for aborting further processing of said first key 
use request in said data processing system, if said second private key authentication record is not 
equal to said first private key authentication record. 